微信公众号:云库管    www.yunDBA.com

北京云库管科技有限公司 (内部培训资料) 返回上级

 

PDF文档下载

 

Patch Set Update and Critical Patch Update October 2014 Availability Document (Doc ID 1912224.1)

To Bottom


PURPOSE

This document defines the patches and minimum releases for the Database Product Suite, Fusion Middleware Product Suite, Exalogic, and Enterprise Manager Suite Critical Patch Updates and Patch Set Updates released on October 14, 2014.

DETAILS

Patch Set Update and Critical Patch Update October 2014 Availability Document

 

 

My Oracle Support Note 1912224.1

Released October 14th, 2014

This document contains the following sections:

·         Section 1, "Overview"

·         Section 2, "What's New in October 2014"

·         Section 3, "Patch Availability for Oracle Products"

·         Section 4, "Final Patch History"

·         Section 5, "Sources of Additional Information"

·         Section 6, "Modification History"

·         Section 7, "Documentation Accessibility"

1 Overview

Oracle provides quarterly Security Patch Updates (SPU) to address security vulnerabilities, and Patch Set Updates (PSU) to address proactive, critical fixes and security vulnerabilities. The security vulnerabilities addressed are announced in the Advisory for October 2014, available at:

http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

This document lists the Oracle Database, Fusion Middleware and Enterprise Manager SPU and PSU patches for product releases under error correction. The October 2014 release supersedes earlier Critical Patch Updates and Patch Set Updates for the same product releases. This document is subject to continual update after the initial release, and the changes are listed in Section 6, "Modification History." If you print this document, check My Oracle Support to ensure you have the latest version.

This section contains the following:

·         Section 1.1, "How To Use This Document"

·         Section 1.2, "Terminology in the Tables"

·         Section 1.3, "On-Request Patches"

·         Section 1.4, "CPU Program and My Oracle Support Patch Recommendations"

·         Section 1.5, "Oracle Database Security Patch Updates and Patch Set Updates"

1.1 How To Use This Document

The following steps explain how to use this document.

Step 1   Assess your Environments

Determine the Oracle product suites and products and their release numbers for each of your environments.

Step 2   Read Important Announcements

Review Section 2, "What's New in October 2014," as it lists documentation and packaging changes along with important announcements such as upcoming final patches.

Step 3   Determine Patches to be Applied

For each environment, determine which patches need to be applied by using the tables in Section 3, "Patch Availability for Oracle Products." There is one availability table for each product suite release, such as Oracle Database 11.1.0.7, Oracle Fusion Middleware 11.1.1.5.0, and Enterprise Manager Grid Control 10.2.0.5

·         The table lists the patches to be applied either to the product or to the appropriate product Oracle homes that are associated with the product suite

·         The patches are listed in the order released, with newest patches listed first

·         For some patches, multiple Oracle homes are listed. Apply the patch to all of the homes indicated that are applicable to your environment and only to the listed Oracle homes

·         The table lists only product releases that are under Premier Support or Extended Support and are under error correction as defined in My Oracle Support Note 209768.1, Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy. Patches are provided only for these releases. If you do not see the release that you have installed, then check Table 168, "Final Patch History" and contact Oracle Support for further assistance

·         Patches that include security vulnerabilities announced in the current quarter's CPU Advisory, list the vulnerability CVE numbers in the Advisory Number column. If you are interested in the risk matrix for the vulnerabilities fixed in the patch, then see the CPU Advisory at http://www.oracle.com/technetwork/topics/security/alerts-086861.html. For patches that are listed from previous quarterly releases, or the current one without any security fixes, the column indicates "Released MMM YYYY"

·         When a section is referenced in a table, follow the link to determine which patches to install. For example, when Section 3.1.4, "Oracle Database" is referenced, determine the Oracle Database release that is installed, and find the patches to apply in the table for that Oracle Database release in Section 3.1.4, "Oracle Database."

Step 4   Apply the Patches

Download the patches, review the READMEs, and apply the patches according to the instructions.

Step 5   Planning for Future Critical Patch Updates

To help you plan for future Critical Patch Updates, this document includes final patch information based on Oracle's Lifetime Support Policy and error correction policies.

Section 2.5, "Final Patch Information (Error Correction Policies)" in Section 2, "What's New in October 2014," documents product releases for which final Critical Patch Updates are upcoming or are being announced. In each product section, there is also an Error Correction Information Table that documents the final CPU patch for the product. Products that have reached the end of error correction are documented in Section 4, "Final Patch History."

1.2 Terminology in the Tables

The following terminology is used in this patch availability document and in the subsequent tables.

·         BP Bundle Patch. An iterative, cumulative patch that is issued between patch sets. Bundle patches usually include only fixes, but some products may include minor enhancements.

·         CPU Critical Patch Update patch. Prior to October 2012, Security Patch Update (SPU) patches were called Critical Patch Update (CPU) patches. For patches that were previously released as CPU patches, this Patch Availability Document will continue to reference them as CPUs.

·         Final Patch is the last quarterly cycle until when patches will be provided as per the Premier Support or Extended Support policies. For more information, see Oracle Lifetime Support Policies at http://www.oracle.com/us/support/lifetime-support/index.html.

·         NA Not Applicable.

·         OR On-Request. The patch is made available through the On-Request program.

·         PSU Patch Set Update. An iterative, cumulative patch that contains both security fixes and non-security critical fixes that are high-value and low-risk.

·         SPU Security Patch Update. An iterative, cumulative patch consisting of security fixes. Formerly known as a Critical Patch Update. Note that Oracle's program for quarterly release of security fixes continues to be called the Critical Patch Update. Patches released as part of this program may be Patch Set Updates, Security Patch Updates, and Bundle Patches. Regardless of the patch type, the patches are cumulative.

·         Overlay SPU patch provided as an overlay on top of a PSU or BP instead of a base/patch set release.

1.3 On-Request Patches

Oracle does not release proactive patches for historically inactive platforms. However, Oracle will deliver these patches when requested.

The following guidelines describe how to initiate an on-request (OR) patch.

A request may be made:

·         At any time. However, a patch for a specific quarterly release, such as CPUOct2012, cannot be requested. Depending on when the request is received and processed, either the patch for the current quarterly release or the next quarterly release will be provided. Your Service Request (SR) will provide you the planned availability date for the patch.

·         As long as the version is in either Premier Support or Extended Support and error correction support has not expired. For example, if a product release is under Extended Support through the release of CPUJan2013 on January 15, 2013, then you can file a request for the product release through January 29, 2013. For more information, see Oracle Lifetime Support Policies at http://www.oracle.com/us/support/lifetime-support/index.html, and Note 209768.1, Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy.

·         For a platform-version combination when a major release or patch set is released on a platform after a quarterly release date. Oracle will provide the next patch for that platform-version combination, however you may request the current patch by following the on-request process. For example, if a patch is released for a platform on August 1, 2012, Oracle will provide the CPUOct2012 patch for that platform. You may request a CPUJul2012 patch for the platform, and Oracle will review the request and determine whether to provide CPUJul2012 or CPUOct2012.

A patch that is marked as on-request (OR) may already have been requested by another customer and be available on My Oracle Support. Before you file a Service Request (SR), check on My Oracle Support to see if the patch is already available for your platform.

1.4 CPU Program and My Oracle Support Patch Recommendations

My Oracle Support patch recommendation features are available on the Patches & Update tab. The patches announced in this document as part of the CPU program are classified as "Security" patch recommendations in My Oracle Support. If a new patch is being announced in this document, then the classification on any earlier patch is changed to "General", causing it to be removed from the My Oracle Support patch recommendations. If a patch has a "Security" classification, and a subsequent bundle, SPU, or PSU is released with a recommendation classification, then it will be classified as a "Security" recommendation in My Oracle Support.

Once a product release is no longer in error correction, its CPU patch information is removed from this document, but the last patch recommendation continues to be available in My Oracle Support.

1.5 Oracle Database Security Patch Updates and Patch Set Updates

The Database Security Patch Updates and Patch Set Updates that are released each quarter contain the same security fixes. However, they use different patching mechanisms, and Patch Set Updates include both security and recommended bug fixes. Consider the following guidelines when you are deciding to apply Patch Set Updates instead of Security Patch Updates:

·         Security Patch Updates are applied only on the base release version, for example 10.2.0.4.0

·         Patch Set Updates can be applied on the base release version or on any earlier Patch Set Update. For example, 11.1.0.7.2 can be applied on 11.1.0.7.1 and 11.1.0.7.0

·         Once a Patch Set Update has been applied, the recommended way to obtain future security content is to apply subsequent Patch Set Updates. Reverting from an applied Patch Set Update to the Security Patch Update, while technically possible, requires significant time and effort, and therefore, is not advised. You would need to determine which individual, non-security patches that are included in the Patch Set Update are pertinent to your deployment, and then apply them after installing the Security Patch Update.

·         Applying a Security Patch Update on an installation with an installed Patch Set Update is not supported

For more information on Patch Set Updates, see My Oracle Support Note 854428.1, Patch Set Updates (PSUs) for Oracle Products.

2 What's New in October 2014

This section describes important changes in October 2014:

·         Section 2.1, "Database Patch for Engineered Systems and Database In-memory 12.1.0.2.x"

·         Section 2.2, "Oracle JavaVM Component Database PSU"

·         Section 2.3, "Changes in Cloud Application Foundation Components"

·         Section 2.4, "My Oracle Support (MOS) Conflict Checker Tool"

·         Section 2.5, "Final Patch Information (Error Correction Policies)"

·         Section 2.6, "New Minimum Product Requirements for CPUOct2014"

·         Section 2.7, "New OPatch Requirements"

·         Section 2.8, "Post Release Patches"

2.1 Database Patch for Engineered Systems and Database In-memory 12.1.0.2.x

Beginning October 2014, Oracle announces a new bundle patch option for Database 12.1.0.2. The Database Patch for Engineered Systems and Database In-memory provides critical bug fixes for Exadata and Database with the In-memory option. The patch also includes all CPU security fixes and the Database PSU 12.1.0.2.1 bug fixes.

2.2 Oracle JavaVM Component Database PSU

In CPUOct2014 and later, Oracle JavaVM Component Database PSU is a new Patch Set Update for Database versions 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1 and 12.1.0.2. This PSU addresses Oracle JavaVM CPU program security vulnerabilities.

For RAC deployments, the Oracle JavaVM Component Database PSU patches cannot be installed in a RAC Rolling manner and requires database downtime to install. For the CPUOct2014 patches, there is an option that provides an interim solution to protect against all currently known Oracle JavaVM security vulnerabilities until such downtime is available to install these patches. For more information, see My Oracle Support Note 1929745.1, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches.

The OJVM PSU also addresses JDBC security vulnerabilities CVE-2014-4289 and CVE-2014-6544 as a separate generic patch (not platform-specific) that can be applied to all Oracle Database homes, including Client Only and Instant Client homes for Database Releases 12.1.0.1, 11.2.0.4, 11.2.0.3 and 11.1.0.7. Patch numbers are listed below in their Respective tables.

2.3 Changes in Cloud Application Foundation Components

Beginning in October 2014 the Cloud Application Foundation (CAF) components (Java SE, JRockit, WLS, Coherence and Oracle Traffic Director) will no longer be included as a part of the Exalogic PSU.

2.4 My Oracle Support (MOS) Conflict Checker Tool

The My Oracle Support (MOS) Conflict Checker tool is available as of July 21, 2014.

This tool is accessible from the Patch Search results screen ("Analyze with OPatch" button). The MOS Conflict Checker Tool allows you to upload an OPatch inventory to check for conflicts with patches to apply to your environment. If no conflicts are found, you can download the patches. If conflicts are found, the tool finds an existing resolution to download. If no resolution is found, you can request a solution, and monitor your request in the Plans region.

For more information and a demonstration video, see Knowledge Document Note 1091294.1, How to use the My Oracle Support Conflict Checker Tool.

2.5 Final Patch Information (Error Correction Policies)

The Final patch is the last CPU or PSU release for which the product release is under error correction. Final patches for upcoming releases, as well as newly scheduled final patches, are listed in the following sections.

Final patches scheduled for January 2015:

·         JRockit 5.x

·         Oracle Identity and Access Management 11.1.2.1

·         WebLogic Integration 10.0.1.0

·         WebLogic Portal 10.2.1.0

·         WebLogic Portal 10.0.1.0

·         WebLogic Server 10.0.2.0

·         WebLogic Workshop 10.2.1.0

·         WebLogic Workshop 10.0.1.0

Final patches scheduled for October 2014:

·         Oracle Database Management Plug-in 12.1.0.4

·         Oracle Enterprise Manager Grid Control 10.2.0.5

·         Oracle WebGate 10.1.4.3.0

For additional final patch history information, see Table 168. For information on the error correction support policy for patches, refer to My Oracle Support Note 209768.1, Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy.

2.6 New Minimum Product Requirements for CPUOct2014

The following is new for CPUOct2014:

·         Minimum version for Oracle Application Express is 4.2.6

2.7 New OPatch Requirements

Opatch 12.1.0.1.5 is the minimum version for Grid Infrastructure PSU 12.1.0.2.1 and Database Patch for Engineered Systems and DB In-Memory 12.1.0.2.1.

2.8 Post Release Patches

The following are post-release patches with their estimated release dates.

·         GI 12.1.0.2.1 PSU Patch 19392646

Available October 17, 2014

·         Database patch for Engineered Systems and Database In-memory 12.1.0.2.1 Patch 19404326

Available October 17, 2014

·         Quarterly Full Stack download for Exadata (Oct2014) 12.1.0.2 BP Patch 19625684

Available October 17, 2014

·         Combo OJVM PSU 12.1.0.2.1 and GI PSU 12.1.0.2.1 Patch 19791375

Available October 21, 2014

·         Combo OJVM PSU 12.1.0.2.1 and Database BP 12.1.0.2.1 Patch 19791399

Available October 21, 2014

·         Microsoft Windows 32-Bit and x86-64 12.1.0.1 BP 14 Patch 19542943

Available October 16, 2014

·         Oracle JavaVM Component 12.1.0.1.1 Database PSU Patch 19801531 for Windows x64 (64-bit)

Available November 5, 2014

·         Oracle JavaVM Component 12.1.0.1.1 Database PSU Patch 19801531 for Windows (32-bit) is available (see Table 10). This Windows (32-bit) Patch is not required.

·         Oracle JavaVM Component 12.1.0.1.1 Database PSU Patch 19282024 for HP-IA

Available October 22, 2014

·         Oracle JavaVM Component 11.2.0.3.1 Database PSU Patch 19806120 for Windows x64 (64-bit)

Available October 31, 2014

·         Oracle JavaVM Component 11.2.0.3.1 Database PSU Patch 19806120 for Windows (32-bit)

Available November 11, 2014

·         Oracle JavaVM Component 11.1.0.7.1 Database PSU Patch 19806118 for Windows (32-bit)

Available November 11, 2014

·         Oracle JavaVM Component 11.1.0.7.1 Database PSU Patch 19806118 for Windows x64 (64-bit)

Estimated December 1, 2014

3 Patch Availability for Oracle Products

This section contains the following:

·         Section 3.1, "Oracle Database"

·         Section 3.2, "Oracle Enterprise Manager"

·         Section 3.3, "Oracle Fusion Middleware"

·         Section 3.4, "Oracle Sun Middleware"

·         Section 3.5, "Tools"

3.1 Oracle Database

This section contains the following:

·         Section 3.1.1, "Oracle APEX Listener"

·         Section 3.1.2, "Oracle Application Express"

·         Section 3.1.3, "Oracle Audit Vault"

·         Section 3.1.4, "Oracle Database"

·         Section 3.1.5, "Oracle Database Appliance"

·         Section 3.1.6, "Oracle Database Mobile/Lite Server"

·         Section 3.1.7, "Oracle GoldenGate Veridata"

·         Section 3.1.8, "Oracle Secure Backup"

·         Section 3.1.9, "Oracle Secure Enterprise Search"

·         Section 3.1.10, "Oracle TimesTen"

3.1.1 Oracle APEX Listener

Table 1 describes the Error Correction information for Oracle APEX Listener 1.1.4.

Table 1 Error Correction information for Oracle APEX Listener 1.1.4

Patch Information

1.1.4

Comments

Final Patch

-

 

Table 2 describes the minimum product requirements for Oracle APEX Listener. Critical Patch Update security vulnerabilities are fixed in the listed releases. For Oracle APEX Listener downloads and installation instructions, see http://www.oracle.com/technetwork/developer-tools/apex-listener/downloads/index.html.

Table 2 Minimum Product Requirements for Oracle APEX Listener

Component

Release

Advisory Number

Comments

Oracle APEX Listener

1.1.4

Released July 2012

 

3.1.2 Oracle Application Express

Table 3 describes the Error Correction information for Oracle Application Express.

Table 3 Error Correction information for Oracle Application Express

Patch Information

4.2

Comments

Final Patch

October 2017

 

Table 4 describes the minimum product requirements for Oracle Application Express. Critical Patch Update security vulnerabilities are fixed in the listed releases. For Oracle Application Express downloads and installation instructions, see http://www.oracle.com/technetwork/developer-tools/apex/downloads/index.html.

Table 4 Minimum Product Requirements for Oracle Application Express

Component

Release

Advisory Number

Comments

Oracle Application Express

4.2.6

CVE-2014-6483, CVE-2014-0050

 

3.1.3 Oracle Audit Vault

Table 5 describes the Error Correction information for Oracle Audit Vault.

Table 5 Error Correction information for Oracle Audit Vault

Patch Information

10.3

Comments

Final Patch

October 2016

 

Table 6 describes the available patches for Oracle Audit Vault 10.3.0.0.

Table 6 Patch Availability for Oracle Audit Vault 10.3.0.0

Product Home

Patch

Advisory Number

Comments

Oracle Audit Vault Embedded Database 11.2.0.3 for Server and Agent home

See Section 3.1.4.5, "Oracle Database 11.2.0.3"

See Section 3.1.4.5, "Oracle Database 11.2.0.3"

 

Agent home

CPU Patch 13894921 and

CPU Patch 13705483

Released April 2012

Standalone OC4J 10.1.3.4 Patch Set (Special OPatch needed, see README)

OC4J 10.1.3.4 one-off patch (Special OPatch needed, see README)

Server home

CPU Patch 13705483

Released April 2012

OC4J 10.1.3.4 one-off patch (Special OPatch needed, see README)

3.1.4 Oracle Database

This section contains the following:

·         Section 3.1.4.1, "Patch Availability for Oracle Database"

·         Section 3.1.4.2, "Oracle Database 12.1.0.2"

·         Section 3.1.4.3, "Oracle Database 12.1.0.1"

·         Section 3.1.4.4, "Oracle Database 11.2.0.4"

·         Section 3.1.4.5, "Oracle Database 11.2.0.3"

·         Section 3.1.4.6, "Oracle Database 11.1.0.7"

3.1.4.1 Patch Availability for Oracle Database

For Oracle Database 10.2.0.4 and later releases, customers have the option to install the Security Patch Update (SPU) or the Patch Set Update (PSU). Both patch types are cumulative patches. The PSU includes the security vulnerability bug fixes, as well as additional non-security bug fixes recommended by Oracle. For more information on PSU patches, see My Oracle Support Note 854428.1, Patch Set Updates (PSUs) for Oracle Products.

For the Microsoft Windows platforms, Oracle Database patches are released as cumulative patch bundles. You may install the indicated patch or later bundle in the Database Windows bundle series. The Windows patch bundles include the security vulnerability bug fixes, the PSU recommended non-security bug fixes, and other customer-requested bug fixes.

3.1.4.2 Oracle Database 12.1.0.2

Table 7 describes the Error Correction information for Oracle Database 12.1.0.2.

Table 7 Error Correction information for Oracle Database 12.1.0.2

Patch Information

12.1.0.2

Comments

Final Patch

-

 

PSU On-Request platforms

 

 

Table 8 describes all combinations of patches that are available for Oracle Database 12.1.0.2.

If the Combo patches that are listed in the first row are applied, then the patches listed in Rows 2 and 3 do not need to be applied.

Table 8 Patch Availability for Oracle Database 12.1.0.2

Product Home

Patch

Advisory Number

Comments

Oracle Database home

Combo OJVM PSU 12.1.0.2.1 and Database PSU 12.1.0.2.1 Patch 19791366, or

Combo OJVM PSU 12.1.0.2.1 and GI PSU 12.1.0.2.1 Patch 19791375, or

Combo OJVM PSU 12.1.0.2.1 and Database BP 12.1.0.2.1 Patch 19791399, or

Quarterly Full Stack download for Exadata (Oct2014) 12.1.0.2 BP Patch 19625684

CVE-2014-4290, CVE-2014-4291, CVE-2014-4292, CVE-2014-4293, CVE-2014-4294, CVE-2014-4295, CVE-2014-4296, CVE-2014-4297, CVE-2014-4298, CVE-2014-4299, CVE-2014-4300, CVE-2014-4301, CVE-2014-4310, CVE-2014-6452, CVE-2014-6453, CVE-2014-6454, CVE-2014-6455, CVE-2014-6467, CVE-2014-6537, CVE-2014-6538, CVE-2014-6542, CVE-2014-6545, CVE-2014-6546, CVE-2014-6547, CVE-2014-6560, CVE-2014-6563

OJVM PSU Patches are not RAC Rolling installable

Combos are for environments that take a single downtime to apply all patches for CPUOct2014

See Note 1929745.1, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches

Some patches are currently unavailable. See Section 2.8, "Post Release Patches"

Oracle Database home

Database 12.1.0.2.1 PSU Patch 19303936, or

GI 12.1.0.2.1 PSU Patch 19392646 or

Database patch for Engineered Systems and Database In-memory 12.1.0.2.1 Patch 19404326, or

Quarterly Full Stack download for Exadata (Oct2014) 12.1.0.2 BP Patch 19625684

CVE-2014-6537

Some patches are currently unavailable. See Section 2.8, "Post Release Patches"

Oracle Database home

Oracle JavaVM Component 12.1.0.2.1 Database PSU Patch 19282028

CVE-2014-6546, CVE-2014-6547, CVE-2014-4293, CVE-2014-4292, CVE-2014-4291, CVE-2014-4290, CVE-2014-4297, CVE-2014-4296, CVE-2014-4301, CVE-2014-4310, CVE-2014-6467, CVE-2014-6545, CVE-2014-4294, CVE-2014-6453, CVE-2014-6560, CVE-2014-6563, CVE-2014-6542, CVE-2014-6455, CVE-2014-4298, CVE-2014-4299, CVE-2014-4300, CVE-2014-6454, CVE-2014-4295, CVE-2014-6452, CVE-2014-6538

OJVM PSU Patches are not RAC Rolling installable

See Note 1929745.1, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches

3.1.4.3 Oracle Database 12.1.0.1

Table 9 describes the Error Correction information for Oracle Database 12.1.0.1.

Table 9 Error Correction information for Oracle Database 12.1.0.1

Patch Information

12.1.0.1

Comments

Final Patch

-

 

PSU On-Request platforms

 

 

Table 10 describes all combinations of patches that are available for Oracle Database 12.1.0.1.

If the Combo patches that are listed in the first row are applied, then the patches listed in Rows 2 and 3 do not need to be applied.

Table 10 Patch Availability for Oracle Database 12.1.0.1

Product Home

Patch

Advisory Number

Comments

Oracle Database home

Combo OJVM PSU 12.1.0.1.1 and Database PSU 12.1.0.1.5 Patch 19791363, or

Combo OJVM PSU 12.1.0.1.1 and GI PSU 12.1.0.1.5 Patch 19791360, or

Quarterly Full Stack download for Exadata (Oct2014) 12.1.0.1 BP Patch 19625648

CVE-2014-4290, CVE-2014-4291, CVE-2014-4292, CVE-2014-4293, CVE-2014-4294, CVE-2014-4295, CVE-2014-4296, CVE-2014-4297, CVE-2014-4298, CVE-2014-4299, CVE-2014-4300, CVE-2014-4301, CVE-2014-4310, CVE-2014-6452, CVE-2014-6453, CVE-2014-6454, CVE-2014-6455, CVE-2014-6467, CVE-2014-6537, CVE-2014-6538, CVE-2014-6542, CVE-2014-6545, CVE-2014-6546, CVE-2014-6547, CVE-2014-6560, CVE-2014-6563

OJVM PSU Patches are not RAC Rolling installable. Combos are for environments that take a single downtime to apply all patches for CPUOct2014

See Note 1929745.1, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches

Oracle Database home

Database 12.1.0.1.5 PSU Patch 19121550, or

GI 12.1.0.1.5 PSU Patch 19392372 for Linux x86-64, Solaris X64 and Solaris SPARC, or

GI 12.1.0.1.5 PSU Patch 19392451 for AIX, HP IA and zLinux

Microsoft Windows 32-Bit and x86-64 BP 14 Patch 19542943, or later;

Quarterly Full Stack download for Exadata (Oct2014) 12.1.0.1 BP Patch 19625648

CVE-2014-6537

CVE-2014-2478 (Windows Only)

GI 12.1.0.1.5 PSU Patch 19392372 is applicable to Exadata database servers running Oracle Database 12.1.0.1. For more information, see Note 888828.1

GI 12.1.0.1.5 PSU Patch 18705972 for AIX, HP IA and zLinux only contains DB PSU 12.1.0.1.5 sub-patch and no Clusterware sub-patches

Windows patches are currently unavailable. ETA for availability is documented in Section 2.8, "Post Release Patches"

Oracle Database home

Oracle JavaVM Component 12.1.0.1.1 Database PSU Patch 19282024 for UNIX,

or Patch 19801531 for Windows

CVE-2014-6546, CVE-2014-6547, CVE-2014-4293, CVE-2014-4292, CVE-2014-4291, CVE-2014-4290, CVE-2014-4297, CVE-2014-4296, CVE-2014-4301, CVE-2014-4310, CVE-2014-6467, CVE-2014-6545, CVE-2014-4294, CVE-2014-6453, CVE-2014-6560, CVE-2014-6563, CVE-2014-6542, CVE-2014-6455, CVE-2014-4298, CVE-2014-4299, CVE-2014-4300, CVE-2014-6454, CVE-2014-4295, CVE-2014-6452, CVE-2014-6538

See Note 1929745.1, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches

Windows patches are currently unavailable. ETA for availability is documented in Section 2.8, "Post Release Patches"

Oracle Database home

Oracle JavaVM Component 12.1.0.1.1 Database PSU - Generic JDBC Patch 19852357

CVE-2014-4289, CVE-2014-6544

See Note 1929745.1, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches

3.1.4.4 Oracle Database 11.2.0.4

Table 11 describes the Error Correction information for Oracle Database 11.2.0.4.

Table 11 Error Correction information for Oracle Database 11.2.0.4

Patch Information

11.2.0.4

Comments

Final Patch

January 2018

 

SPU On-Request platforms

HP-UX PA RISC

IBM: Linux on System Z

32-bit client-only platforms except Linux x86

 

PSU On-Request platforms

32-bit client-only platforms except Linux x86

 

Table 12 describes all combinations of patches that are available for Oracle Database 11.2.0.4.

If the Combo patches that are listed in the first row are applied, then the patches listed in Rows 2 and 3 do not need to be applied.

Table 12 Patch Availability for Oracle Database 11.2.0.4

Product Home

Patch

Advisory Number

Comments

Oracle Database home

Combo OJVM PSU 11.2.0.4.1 and Database SPU 11.2.0.4 (CPUOct2014) Patch 19791358, or

Combo OJVM PSU 11.2.0.4.1 and Database PSU 11.2.0.4.4 Patch 19791364, or

Combo OJVM PSU 11.2.0.4.1 and GI PSU 11.2.0.4.4 Patch 19791420, or

Combo OJVM PSU 11.2.0.4.1 and Exadata BP 11.2.0.4.12 Patch 19791422, or

Quarterly Full Stack download for Exadata (Oct2014 - 11.2.0.4.0) BP Patch 19625776

CVE-2014-6546, CVE-2014-6547, CVE-2014-4293, CVE-2014-4292, CVE-2014-4290, CVE-2014-4291, CVE-2014-4294, CVE-2014-4295, CVE-2014-4296, CVE-2014-4297, CVE-2014-4298, CVE-2014-4299, CVE-2014-4300, CVE-2014-4301, CVE-2014-4310, CVE-2014-6452, CVE-2014-6453, CVE-2014-6454, CVE-2014-6455, CVE-2014-6467, CVE-2014-6488, CVE-2014-6537, CVE-2014-6538, CVE-2014-6542, CVE-2014-6545, CVE-2014-6560, CVE-2014-6563

OJVM PSU Patches are not RAC Rolling installable. Combos are for environments that take a single downtime to apply all patches for CPUOct2014

See Note 1929745.1, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches

Oracle Database home

Database 11.2.0.4 SPU Patch 19271443, or

Database 11.2.0.4.4 PSU Patch 19121551, or

GI 11.2.0.4.4 PSU Patch 19380115, or

Microsoft Windows (32-Bit) and x64 (64-Bit) BP 10 Patch 19651773, or later;

Quarterly Database Patch for Exadata (Oct2014) 11.2.0.4.12 BP Patch 19542004, or

Quarterly Full Stack download for Exadata (Oct2014) BP Patch 19625776

CVE-2014-6537, CVE-2014-6488

CVE-2014-2478 (Windows Only)

 

Oracle Database home

Oracle JavaVM Component 11.2.0.4.1 Database PSU Patch 19282021 for UNIX, or

Patch 19799291 for Windows

CVE-2014-6546, CVE-2014-6547, CVE-2014-4293, CVE-2014-4292, CVE-2014-4291, CVE-2014-4290, CVE-2014-4297, CVE-2014-4296, CVE-2014-4301, CVE-2014-4310, CVE-2014-6467, CVE-2014-6545, CVE-2014-4294, CVE-2014-6453, CVE-2014-6560, CVE-2014-6563, CVE-2014-6542, CVE-2014-6455, CVE-2014-4298, CVE-2014-4299, CVE-2014-4300, CVE-2014-6454, CVE-2014-4295, CVE-2014-6452, CVE-2014-6538

See Note 1929745.1, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches

Oracle Database home

Oracle JavaVM Component 11.2.0.4.1 Database PSU - Generic JDBC Patch 19852360

CVE-2014-4289, CVE-2014-6544

See Note 1929745.1, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches

3.1.4.5 Oracle Database 11.2.0.3

Table 13 describes the Error Correction information for Oracle Database 11.2.0.3.

Table 13 Error Correction information for Oracle Database 11.2.0.3

Patch Information

11.2.0.3

Comments

Final Patch

July 2015

 

SPU On-Request platforms

HP-UX PA RISC

IBM: Linux on System Z

32-bit client-only platforms except Linux x86

 

PSU On-Request platforms

32-bit client-only platforms except Linux x86

 

Table 14 describes all combinations of patches that are available for Oracle Database 11.2.0.3.

If the Combo patches that are listed in the first row are applied, then the patches listed in Rows 2 and 3 do not need to be applied.

Table 14 Patch Availability for Oracle Database 11.2.0.3

Product Home

Patch

Advisory Number

Comments

Oracle Database home

Combo OJVM PSU 11.2.0.3.1 and Database SPU 11.2.0.3 (CPUOct2014) Patch 19791426, or

Combo OJVM PSU 11.2.0.3.1 and Database PSU 11.2.0.3.12 Patch 19791427, or

Combo OJVM PSU 11.2.0.3.1 and GI PSU 11.2.0.3.12 Patch 19791428, or

Combo OJVM PSU 11.2.0.3.1 and Exadata BP 11.2.0.3.25 Patch 19791431, or

Quarterly Full Stack download for Exadata (Oct2014) 11.2.0.3 BP Patch 19625719

CVE-2014-4290, CVE-2014-4291, CVE-2014-4292, CVE-2014-4293, CVE-2014-4294, CVE-2014-4295, CVE-2014-4296, CVE-2014-4297, CVE-2014-4298, CVE-2014-4299, CVE-2014-4300, CVE-2014-4301, CVE-2014-4310, CVE-2014-6467, CVE-2014-6452, CVE-2014-6453, CVE-2014-6454, CVE-2014-6455, CVE-2014-6488, CVE-2014-6537, CVE-2014-6538, CVE-2014-6542, CVE-2014-6545, CVE-2014-6546, CVE-2014-6547, CVE-2014-6560, CVE-2014-6563

OJVM PSU Patches are not RAC Rolling installable. Combos are for environments that take a single downtime to apply all patches for CPUOct2014

See Note 1929745.1, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches

Oracle Database home

Database 11.2.0.3 SPU Patch 19271438, or

Database 11.2.0.3.12 PSU Patch 19121548, or

GI 11.2.0.3.12 PSU Patch 19440385, or

Quarterly Database Patch for Exadata (Oct2014) 11.2.0.3.25 BP Patch 19500593, or

Quarterly Full Stack download for Exadata (Oct2014) 11.2.0.3 BP Patch 19625719, or

Microsoft Windows 32-Bit BP 34 Patch 19618574, or later

Microsoft Windows x86-64 BP 34 Patch 19618575, or later

CVE-2014-6537, CVE-2014-6488

CVE-2014-2478 (Windows Only)

 

Oracle Database home

Oracle JavaVM Component 11.2.0.3.1 Database PSU Patch 19282015 for UNIX, or

Patch 19806120 for Windows

CVE-2014-6546, CVE-2014-6547, CVE-2014-4293, CVE-2014-4292, CVE-2014-4291, CVE-2014-4290, CVE-2014-4297, CVE-2014-4296, CVE-2014-4301, CVE-2014-4310, CVE-2014-6467, CVE-2014-6545, CVE-2014-4294, CVE-2014-6453, CVE-2014-6560, CVE-2014-6563, CVE-2014-6542, CVE-2014-6455, CVE-2014-4298, CVE-2014-4299, CVE-2014-4300, CVE-2014-6454, CVE-2014-4295, CVE-2014-6452, CVE-2014-6538

See Note 1929745.1, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches

Windows patches are currently unavailable. ETA for availability is documented in Section 2.8, "Post Release Patches"

Oracle Database home

Oracle JavaVM Component 11.2.0.3.1 Database PSU - Generic JDBC Patch 19852361

CVE-2014-4289, CVE-2014-6544

See Note 1929745.1, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches

Oracle Database home

CPU Patch 13705478

Released April 2012

OC4J 10.1.3.4 one-off patch (Special OPatch needed, see README)

3.1.4.6 Oracle Database 11.1.0.7

Table 15 describes the Error Correction information for Oracle Database 11.1.0.7.

Table 15 Error Correction information for Oracle Database 11.1.0.7

Patch Information

11.1.0.7

Comments

Final Patch

July 2015

 

SPU On-Request platforms

-

 

PSU On-Request platforms

-

 

Table 16 describes all combinations of patches that are available for Oracle Database 11.1.0.7.

If the Combo patches that are listed in the first row are applied, then the patches listed in Rows 2 and 3 do not need to be applied.

Table 16 Patch Availability for Oracle Database 11.1.0.7

Product Home

Patch

Advisory Number

Comments

Oracle Database home

Combo OJVM PSU 11.1.0.7.1 and Database SPU 11.1.0.7 (CPUOct2014) Patch 19791434, or

Combo OJVM PSU 11.1.0.7.1 and Database PSU 11.2.0.7.21 Patch 19791436

CVE-2014-4290, CVE-2014-4291, CVE-2014-4292, CVE-2014-4293, CVE-2014-4294, CVE-2014-4295, CVE-2014-4296, CVE-2014-4297, CVE-2014-4298, CVE-2014-4299, CVE-2014-4300, CVE-2014-4301, CVE-2014-4310, CVE-2014-6452, CVE-2014-6453, CVE-2014-6454, CVE-2014-6455, CVE-2014-6467, CVE-2014-6488, CVE-2014-6537, CVE-2014-6538, CVE-2014-6542, CVE-2014-6545, CVE-2014-6546, CVE-2014-6547, CVE-2014-6560, CVE-2014-6563

OJVM PSU Patches are not RAC Rolling installable. Combos are patches provided for environments take a single downtime to apply all patches for CPUOct2014

See Note 1929745.1, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches

Oracle Database home

Database 11.1.0.7 SPU Patch 19274522 or

Database 11.1.0.7.21 PSU Patch 19152553, or

Microsoft Windows (32-Bit) BP 58 Patch 19609032, or later

Microsoft Windows x86-64 BP 58 Patch 19609034, or later

CVE-2014-6537, CVE-2014-6488

CVE-2014-2478 (Windows Only)

Patches also applicable to Fusion Middleware 11.1.1.x and 11.1.2.x installations

Oracle Database home

Oracle JavaVM Component 11.1.0.7.1 Database PSU Patch 19282002 for UNIX, or

Patch 19806118 for Windows

CVE-2014-6546, CVE-2014-6547, CVE-2014-4293, CVE-2014-4292, CVE-2014-4291, CVE-2014-4290, CVE-2014-4297, CVE-2014-4296, CVE-2014-4301, CVE-2014-4310, CVE-2014-6467, CVE-2014-6545, CVE-2014-4294, CVE-2014-6453, CVE-2014-6560, CVE-2014-6563, CVE-2014-6542, CVE-2014-6455, CVE-2014-4298, CVE-2014-4299, CVE-2014-4300, CVE-2014-6454, CVE-2014-4295, CVE-2014-6452, CVE-2014-6538

See Note 1929745.1, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches

Windows patches are currently unavailable. ETA for availability is documented in Section 2.8, "Post Release Patches"

Oracle Database home

Oracle JavaVM Component 11.1.0.7.1 Database PSU - Generic JDBC Patch 19852363

CVE-2014-4289, CVE-2014-6544

See Note 1929745.1, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches

Oracle Database home

OHT BP Patch 16801095

Released July 2013

OHT BP 10.1.3.5 for DB Control

Oracle Database home

CPU Patch 13705478

Released April 2012

OC4J 10.1.3.3 one-off patch (Special OPatch needed, see README)

Oracle CRS home

CRS 11.1.0.7.7 PSU Patch 11724953

Released April 2011

Non-security content only

Oracle Database home

CPU Patch 9288120

Released April 2011

Database UIX

For Oracle Secure Enterprise Search 11.1.2.x installations, follow the instructions in Note 1359600.1

Oracle Database home

CPU Patch 10073948

Released April 2011

Enterprise Manager Database Control UIX

Not applicable to Oracle Secure Enterprise Search 11.1.2.x

Oracle Database home

CPU Patch 11738232

Released April 2011

Warehouse Builder

Not applicable to Oracle Secure Enterprise Search 11.1.2.x

3.1.5 Oracle Database Appliance

Table 17 describes the minimum product requirements for Oracle Database Appliance. The CPU security vulnerabilities are fixed in the listed release and later releases. The Oracle Database Appliance downloads and installation instructions can be found at http://www.oracle.com/technetwork/server-storage/engineered-systems/database-appliance/overview/index.html.

Table 17 Minimum Product Requirements for Oracle Database Appliance

Component

Release

Advisory Number

Comments

Oracle Database Appliance

2.10.0.0.0

Released April 2014

 

3.1.6 Oracle Database Mobile/Lite Server

Table 18 describes the Error Correction information for Oracle Database Mobile/Lite Server.

Table 18 Error Correction Information for Oracle Database Mobile Server

Patch Information

11.1 (Mobile Server)

10.3 (Lite Server)

Comments

Final Patch

October 2019

October 2015

 

Table 19 describes the available patches for Oracle Database Mobile Server 11.1.x.

Table 19 Patch Availability for Oracle Database Mobile Server 11.1.x

Product Home

Patch

Advisory Number

Comments

11.1.0.0

11.1.0.0 BP Patch 16040170

Released January 2013

 

Table 20 describes the available patches for Oracle Database Lite Server 10.3.x.

Table 20 Patch Availability for Oracle Database Lite Server 10.3.x

Product Home

Patch

Advisory Number

Comments

10.3.0.3

10.3.0.3 BP Patch 15984417

Released January 2013

 

3.1.7 Oracle GoldenGate Veridata

Table 21 describes the error correction information for Oracle GoldenGate Veridata.

Table 21 Error Correction information for Oracle GoldenGate Veridata

Component

11.2.1.0

Comments

Final Patches

-

 

Table 22 describes the available patches for Oracle GoldenGate Veridata.

Table 22 Patch Availability for Oracle GoldenGate Veridata

Product Home

Patch

Advisory Number

Comments

11.2.1.0

BP 11.2.1.0.1 Patch 16291209 or later

Released April 2013

 

3.1.8 Oracle Secure Backup

Table 23 describes the Error Correction information for Oracle Secure Backup.

Table 23 Error Correction information for Oracle Secure Backup

Patch Information

10.4.x

Comments

Final Patch

October 2016

 

Table 24 describes the minimum product requirements for Oracle Secure Backup. Critical Patch Update security vulnerabilities are fixed in the listed releases.

Table 24 Minimum Product Requirements for Oracle Secure Backup 10.4.x

Product

Release

Advisory Number

Comments

Oracle Secure backup

10.4.0.2

Released July 2012

 

3.1.9 Oracle Secure Enterprise Search

Table 25 describes Error Correction information for Oracle Secure Enterprise Search.

Table 25 Error Correction information for Oracle Secure Enterprise Search

Patch Information

11.1.2.x

Comments

Final Patch

January 2015

 

Table 26 describes the available patches for Oracle Secure Enterprise Search 11.1.2.x.

Table 26 Patch Availability for Oracle Secure Enterprise Search 11.1.2.x

Product Home

Patch

Advisory Number

Comments

Oracle Database 11.1.0.7

See Section 3.1.4.6, "Oracle Database 11.1.0.7"

See Section 3.1.4.6, "Oracle Database 11.1.0.7"

Database UIX Patch 9288120 requires specific steps to be followed for Secure Enterprise Search customers. See Section 3.1.4.6, "Oracle Database 11.1.0.7"

11.1.2.x

SPU Patch 14364893

CPU Patch 12875001

CPU Patch 12875006

CPU Patch 12874981

CPU Patch 13718626

CPU Patch 10625676

CPU Patch 18767762

Released October 2012

Released October 2011

Released October 2011

Released October 2011

Released April 2012

Released January 2011

Released July 2013

WLS 10.3.2.0 CSS Patch (SU IDs: A6AX)

WLS 10.3.2.0 JMS Patch

WLS 10.3.2.0 WebServices Patch

WLS 10.3.2.0 Security Patch

WLS 10.3.2.0 WebApp Patch

WLS 10.3.2.0 Core Patch

WLS 10.3.2.0 Console Patch

3.1.10 Oracle TimesTen

Table 27 describes Error Correction information for Oracle TimesTen.

Table 27 Error Correction information for Oracle TimesTen

Patch Information

11.2.1.x

7.0.x

Comments

Final Patch

April 2017

January 2015

 

Table 28 describes the minimum product requirements for Oracle TimesTen. The CPU security vulnerabilities are fixed in the listed release and later releases.

Table 28 Minimum Product Requirements for Oracle TimesTen

Product

Release

Advisory Number

Comments

Oracle TimesTen 11.2.1.x

11.2.1.6.1

Released July 2010

 

Oracle TimesTen 7.0.x

7.0.6.2.0

Released July 2010

 

3.2 Oracle Enterprise Manager

This section contains the following:

·         Section 3.2.1, "Oracle Application Performance Management"

·         Section 3.2.2, "Oracle Database Management Plug-in (12.1.0.x)"

·         Section 3.2.3, "Oracle Enterprise Manager Cloud Control 12c,"

·         Section 3.2.4, "Oracle Enterprise Manager Grid Control 11g (11.1.0.1)"

·         Section 3.2.5, "Oracle Enterprise Manager Grid Control 10g (10.2.0.5)"

3.2.1 Oracle Application Performance Management

Table 29 describes Error Correction information for Oracle Application Performance Management

Table 29 Error Correction information for Oracle Application Performance Management

Patch Information

12.1.0.6

Comments

Final Patch

-

 

CPU On-Request platforms

-

 

Table 30 describes the minimum product requirements for Oracle Application Performance Management. Critical Patch Update security vulnerabilities are fixed in the listed releases. For more information on Oracle Application Performance Management, see http://www.oracle.com/technetwork/oem/app-performance-mgmt/index.html.

Table 30 Minimum Product Requirements for Oracle Application Performance Management

Product Version

Patch

Advisory Number

Comments

12.1.0.6.2

12.1.0.6.2 Release Patch 19712806

CVE-2014-6557

 

12.1.0.6.2

12.1.0.6.1 Release Patch 19498441

CVE-2014-6557

 

3.2.2 Oracle Database Management Plug-in (12.1.0.x)

Table 31 describes Error Correction information for Oracle Database Management Plug-in (12.1.0.x).

Table 31 Error Correction information for Oracle Database Management Plug-in (12.1.0.x)

Patch Information

12.1.0.5

12.1.0.4

Comments

Final Patch

April 2015

October 2014

 

PSU On-Request Platforms

-

-

 

Table 32 describes the available patches for Oracle Database Management Plug-in (12.1.0.x).

Table 32 Patch Set Update Availability for Oracle Database Management Plug-in (12.1.0.x)

Product Home

UNIX

Microsoft Windows 32-Bit

Advisory Number

Comments

Oracle Database Management Plug-in (12.1.0.5) Home

BP Patch 19281634

BP Patch 19281634

CVE-2014-6488

 

Oracle Database Management Plug-in (12.1.0.4) Home

BP Patch 19281602

BP Patch 19281602

CVE-2014-6488

 

3.2.3 Oracle Enterprise Manager Cloud Control 12c

Table 33 describes Error Correction information for Oracle Enterprise Manager Cloud Control 12c.

Table 33 Error Correction information for Oracle Enterprise Manager Cloud Control 12c

Patch Information

12.1.0.4

12.1.0.3

Comments

Final Patch

-

April 2015

 

PSU On-Request Platforms

-

-

 

Table 34 describes the available patches for Oracle Enterprise Manager Cloud Control 12c Release 4 (12.1.0.4).

Table 34 Patch Availability for Oracle Enterprise Manager Cloud Control 12c Release 4 (12.1.0.4)

Product Home

UNIX

Microsoft Windows 32-Bit

Advisory Number

Comments

Base Platform Repository home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

 

Base Platform Fusion Middleware home

See Section 3.3.48, "Oracle WebLogic Server"

See Section 3.3.48, "Oracle WebLogic Server"

See Section 3.3.48, "Oracle WebLogic Server"

 

Base Platform OMS home

PSU 12.1.0.4.1 Patch 19218456

PSU 12.1.0.4.1 Patch 19218456

NA

The 12.1.0.4 Enterprise Manager Cloud Control release includes all security vulnerabilities announced in the CPU Advisory

Base Platform Agent home

CPU Patch 18721761

CPU Patch 18721761

Released July 2014

JDBC Patch

Plugin home

BP Patch 19577205, or later

BP Patch 19577205, or later

CVE-2014-6488

 

Table 35 describes the available patches for Oracle Enterprise Manager Cloud Control 12c Release 3 (12.1.0.3).

Table 35 Patch Availability for Oracle Enterprise Manager Cloud Control 12c Release 3 (12.1.0.3)

Product Home

UNIX

Microsoft Windows 32-Bit

Advisory Number

Comments

Base Platform Repository home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

 

Base Platform Fusion Middleware home

See Section 3.3.48, "Oracle WebLogic Server"

See Section 3.3.48, "Oracle WebLogic Server"

See Section 3.3.48, "Oracle WebLogic Server"

 

Oracle Database Management Plug-in (12.1.0.x) home

See Section 3.2.2, "Oracle Database Management Plug-in (12.1.0.x)"

See Section 3.2.2, "Oracle Database Management Plug-in (12.1.0.x)"

See Section 3.2.2, "Oracle Database Management Plug-in (12.1.0.x)"

 

Base Platform Agent home

CPU Patch 18721761

CPU Patch 18721761

Released July 2014

JDBC Patch

Base Platform OMS home

PSU 12.1.0.3.3 Patch 18604893

PSU 12.1.0.3.3 Patch 18604893

-

The 12.1.0.3 Enterprise Manager Cloud Control release includes all security vulnerabilities announced in the CPU Advisory

3.2.4 Oracle Enterprise Manager Grid Control 11g (11.1.0.1)

Table 36 describes Error Correction information for Oracle Enterprise Manager Grid Control 11g (11.1.0.1).

Table 36 Error Correction information for Oracle Enterprise Manager Grid Control 11g (11.1.0.1)

Patch Information

11.1.0.1

Comments

Final Patch

April 2018

 

PSU On-Request Platforms

-

 

Table 37 describes the available patches for Oracle Enterprise Manager Grid Control 11g (11.1.0.1).

Table 37 Patch Set Update Availability for Oracle Enterprise Manager Grid Control 11g (11.1.0.1)

Product Home

Patch

Advisory Number

Comments

Base Platform Repository Home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

 

Base Platform OMS Home

PSU 11.1.0.1.11 Patch 19281042

CVE-2014-6488

 

Base Platform Fusion Middleware home

SPU Patch 14681307

Released October 2012

WLS 10.3.2.0 JDBC Patch (Not a SU). Before installing this SPU, see Note 1493990.1, Patching for CVE-2012-3137

Base Platform Fusion Middleware home

SPU Patch 18992301

SPU Patch 18992319

SPU Patch 18547380

SPU Patch 12875001

SPU Patch 18992350

SPU Patch 18992399

SPU Patch 14825824

SPU Patch 18992410

SPU Patch 19619633

Released July 2014

Released July 2014

Released April 2014

Released October 2011

Released July 2014

Released July 2014

Released January 2013

Released July 2014

CVE-2014-0114, CVE-2014-6534

WLS 10.3.2.0 JVM Patch (SU IDs: DHM2)

WLS 10.3.2.0 Deployment Patch (SU IDs: Y5B9)

WLS 10.3.2.0 CSS Patch (SU IDs: 9AVS)

WLS 10.3.2.0 JMS Patch (SU IDs: 9ZW7)

WLS 10.3.2.0 WebServices Patch (SU IDs: SAGA, 92E2, L8DT, A4JA, SK77, NFFE, BIMC)

WLS 10.3.2.0 Security Patch (SU IDs: VHAC, R4P6, NSYJ, 8279)

WLS 10.3.2.0 WebApp Patch (SU IDs: 9WCQ)

WLS 10.3.2.0 Core Patch (SU IDs: KAE4, H3QP, Y3IR)

WLS 10.3.2.0 Console Patch (SU IDs: FUEY)

For CVE-2014-4256, see Note 1903763.1, Download Request for Security Configuration

Base Platform Repository Home

CPU Patch 13705493

Released April 2012

OC4J 10.1.2.3 one-off Patch

Enterprise Manager Grid Control

Base Platform Agent Home

PSU 11.1.0.1.7 Patch 9346282

Released April 2012

 

3.2.5 Oracle Enterprise Manager Grid Control 10g (10.2.0.5)

Table 38 describes Error Correction information for Oracle Enterprise Manager Grid Control 10g (10.2.0.5).

Table 38 Error Correction information for Oracle Enterprise Manager Grid Control 10g (10.2.0.5)

Patch Information

10.2.0.5

Comments

Final Patch

October 2014

 

PSU On-Request Platforms

-

 

Table 39 describes the available patches for Oracle Enterprise Manager Grid Control 10g (10.2.0.5).

Table 39 Patch Availability for Oracle Enterprise Manager Grid Control 10g (10.2.0.5)

Product Home

Patch

Advisory Number

Comments

Base Platform Repository Home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

 

Base Platform OMS Home

PSU 10.2.0.5.10 Patch 19281059

CVE-2014-6488

 

Base Platform OMS Home

OHT BP Patch 15880880

Released July 2013

OHT BP 10.1.3.5 for EMGC

Base Platform OMS Home

CPU Patch 14109229

Released January 2012

OC4J 10.1.2.3 one-off patch

Base Platform OMS Home

UNIX: CPU Patch 12837860

Microsoft Windows 32-bit: CPU Patch 12837864

Microsoft Windows Itanium 64-bit: CPU Patch 12837867

Released October 2011

See Note 1301699.1, How the SSL/TLS Renegotiation Protocol Change Affects Oracle HTTP Server

Base Platform OMS Home

CPU Patch 12535904

Released July 2011

Applicable to HP-UX PA-RISC and HP-UX Itanium platforms only

Base Platform Agent Home

UNIX: PSU 10.2.0.5.3 Patch 9282414

Windows: PSU 10.2.0.5.3 Patch 9490898

Released April 2010

 

3.3 Oracle Fusion Middleware

This section contains the following:

·         Section 3.3.1, "Management Pack For Oracle GoldenGate"

·         Section 3.3.2, "Oracle AquaLogic Data Services Platform"

·         Section 3.3.3, "Oracle Beehive"

·         Section 3.3.4, "Oracle Business Intelligence App Mobile Designer"

·         Section 3.3.5, "Oracle Business Intelligence Enterprise Edition"

·         Section 3.3.6, "Oracle Business Intelligence Publisher"

·         Section 3.3.7, "Oracle Business Process Management"

·         Section 3.3.8, "Oracle Communications Converged Application Server"

·         Section 3.3.9, "Oracle Complex Event Processing and WebLogic Event Server"

·         Section 3.3.10, "Oracle Data Quality for Oracle Data Integrator"

·         Section 3.3.11, "Oracle Data Service Integrator"

·         Section 3.3.12, "Oracle Document Capture"

·         Section 3.3.13, "Oracle Endeca Server"

·         Section 3.3.14, "Oracle Endeca Information Discovery Studio"

·         Section 3.3.15, "Oracle Enterprise Data Quality"

·         Section 3.3.16, "Oracle Exalogic Patch Set Update (PSU)"

·         Section 3.3.17, "Oracle Forms and Reports 11g Release 2"

·         Section 3.3.18, "Oracle Fusion Middleware"

·         Section 3.3.19, "Oracle Hyperion Analytic Provider Services"

·         Section 3.3.20, "Oracle Hyperion BI+"

·         Section 3.3.21, "Oracle Hyperion Common Admin"

·         Section 3.3.22, "Oracle Hyperion EAS"

·         Section 3.3.23, "Oracle Hyperion Enterprise Performance Management Architect"

·         Section 3.3.24, "Oracle Hyperion Essbase"

·         Section 3.3.25, "Oracle Hyperion Strategic Finance"

·         Section 3.3.26, "Oracle Identity Access Management"

·         Section 3.3.27, "Oracle Identity Management"

·         Section 3.3.28, "Oracle Identity Management Connector"

·         Section 3.3.29, "Oracle Imaging and Process Management"

·         Section 3.3.30, "Oracle JDeveloper and Oracle ADF"

·         Section 3.3.31, "Oracle JRockit"

·         Section 3.3.32, "Oracle Map Viewer"

·         Section 3.3.33, "Oracle Outside In Technology"

·         Section 3.3.34, "Oracle Portal, Forms, Reports, and Discoverer 11g Release 1"

·         Section 3.3.35, "Oracle SOA Suite"

·         Section 3.3.36, "Oracle Traffic Director"

·         Section 3.3.37, "Oracle Web-Tier 11g Utilities"

·         Section 3.3.38, "Oracle WebCenter"

·         Section 3.3.39, "Oracle WebCenter Content (Formerly Oracle Universal Content Management)"

·         Section 3.3.40, "Oracle WebCenter Forms Recognition"

·         Section 3.3.41, "Oracle WebCenter Interaction"

·         Section 3.3.42, "Oracle WebCenter Portal"

·         Section 3.3.43, "Oracle WebCenter Sites (Formerly FatWire Content Server)"

·         Section 3.3.44, "Oracle WebCenter Suite"

·         Section 3.3.45, "Oracle WebGate"

·         Section 3.3.46, "Oracle WebLogic Integration"

·         Section 3.3.47, "Oracle WebLogic Portal"

·         Section 3.3.48, "Oracle WebLogic Server"

·         Section 3.3.49, "Oracle WebLogic Server and WebLogic Express"

·         Section 3.3.50, "Oracle WebLogic Server Plug-ins"

3.3.1 Management Pack For Oracle GoldenGate

Table 40 describes the Error Correction information for Management Pack For Oracle GoldenGate.

Table 40 Error Correction information for Management Pack For Oracle GoldenGate

Patch Information

11.1.1.1.0

Comments

Final Patch

-

 

Table 41 describes the available patches for Error Correction information for Management Pack For Oracle GoldenGate.

Table 41 Patch Availability for Management Pack For Oracle GoldenGate

Product Home

Patch

Advisory Number

Comments

11.1.1.1.0

BP 11.1.1.1.1 (BP1) Patch 16011619 or later

Released January 2013

 

3.3.2 Oracle AquaLogic Data Services Platform

Table 42 describes the Error Correction information for Oracle AquaLogic Data Services Platform.

Table 42 Error Correction information for Oracle AquaLogic Data Services Platform

Patch Information

ALDSP 3.2

ALDSP 3.0.1

Comments

Final Patch

April 2016

April 2016

 

Table 43 describes the available patches for Oracle AquaLogic Data Services Platform. See also the underlying product stack tables (JRockit and WLS) for any applicable patches.

Table 43 Patch Availability for Oracle AquaLogic Data Services Platform

Product Home

Patch

Advisory Number

Smart Update Patch Set ID

Smart Update Patch IDs

Comments

3.0.1.0

CPU Patch 13705113

Released April 2012

NA

NA

WebLogic Server 9.2.2.0 one-off patch that needs to be applied to WebLogic Server home

3.2

CPU Patch 8272933

Released April 2009

NA

TXJJ

 

3.0.1

CPU Patch 8284035

Released April 2009

NA

QDWJ

 

3.3.3 Oracle Beehive

Oracle Beehive environments contain Oracle Database and Oracle Fusion Middleware homes. For more information, see My Oracle Support Note 758816.1, Applying Critical Patch Updates to Beehive 1.5.1.x though 2.0.1.x.

Table 44 describes Error Correction information for Oracle Beehive.

Table 44 Error Correction information for Oracle Beehive

Patch Information

Oracle Beehive 2.0.1.x

Comments

Minimum Product Requirement

2.0.1.4

Announced January 2011

Final Patch

Jan 2018

 

CPU On-Request Platforms

-

 

Table 45 describes the available patches for Oracle Beehive.

For each home you are about to administer, find the appropriate patches based on the components installed in that home. Then, apply those patches in the order listed.

Table 45 Patch Availability for Oracle Beehive

Product Home

UNIX

Microsoft Windows (32-Bit)

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

 

Oracle Beehive Server 2.0.1.x

CPU Patch 9173038

CPU Patch 9173038

Released January 2010

 

Oracle Beekeeper 2.0.1.x

NA

NA

 

 

3.3.4 Oracle Business Intelligence App Mobile Designer

Table 46 describes the Error Correction information for Oracle Business Intelligence App Mobile Designer.

Table 46 Error Correction information for Oracle Business Intelligence App Mobile Designer

Patch Information

11.1.1.7.0

Comments

Final Patch

-

 

Table 47 describes the available patches for Oracle Business Intelligence App Mobile Designer.

Table 47 Patch Availability for Oracle Business Intelligence App Mobile Designer

Product Home

Patch

Advisory Number

Comments

11.1.1.7.0

SPU Patch 18794832

Released July 2014

 

3.3.5 Oracle Business Intelligence Enterprise Edition

Table 48 describes the Error Correction information for Oracle Business Intelligence Enterprise Edition.

Table 48 Error Correction information for Oracle Business Intelligence Enterprise Edition

Patch Information

11.1.1.7.0

10.1.3.4.2

Comments

Final Patch

-

July 2015

 

Table 49 describes the available patches for Oracle Business Intelligence Enterprise Edition.

Customers on earlier versions of Oracle Business Intelligence Enterprise Edition 10.x will need to apply 10.1.3.4.1 and then apply the patch.

Table 49 Patch Availability for Oracle Business Intelligence Enterprise Edition

Product Home

Patch

Advisory Number

Comments

11.1.1.7.0

See Section 3.3.18.7, "Oracle Fusion Middleware 11.1.1.7"

See Section 3.3.18.7, "Oracle Fusion Middleware 11.1.1.7"

 

10.1.3.4.2

BP Patch 14625193

Released October 2012

BIP Patch

3.3.6 Oracle Business Intelligence Publisher

Table 50 describes the Error Correction information for Oracle Business Intelligence Publisher.

Table 50 Error Correction information for Oracle Business Intelligence Publisher

Patch Information

11.1.1.7.0

10.1.3.4.2

Comments

Final Patch

-

July 2015

 

Table 51 describes the available patches for Oracle Business Intelligence Publisher.

Customers on earlier versions of Oracle Business Intelligence Publisher 10.x will need to apply 10.1.3.4.1 and then apply the patch.

Table 51 Patch Availability for Oracle Business Intelligence Publisher

Product Home

Patch

Advisory Number

Comments

11.1.1.7.0

See Section 3.3.18.7, "Oracle Fusion Middleware 11.1.1.7"

See Section 3.3.18.7, "Oracle Fusion Middleware 11.1.1.7"

 

10.1.3.4.2

BP Patch 14625193

Released October 2012

See My Oracle Support Note 797057.1, Overview of Available Update Patches for Oracle BI Publisher Enterprise 10g

3.3.7 Oracle Business Process Management

Follow the special instructions below to download Oracle Business Process Management patches.

1.  Click Patches & Updates after logging into My Oracle Support.

2.  Search for Oracle Business Process Management Suite.

3.  Search for the required BPM release by clicking Select up to 10.

4.  Select the patch with the build number that is indicated in Table 53, or the patch with higher build number than what is indicated for the platform you are about to update, for example: EnterpriseJ2EE, Studio, or EnterpriseSA.

5.  Download the patch.

Table 52 describes the Error Correction information for Oracle Business Process Management.

Table 52 Error Correction information for Oracle Business Process Management

Patch Information

10.3.2

6.0.5

Comments

Final Patch

January 2017

July 2014

 

Table 53 describes the available patches for Oracle Business Process Management.

Table 53 Patch Availability for Oracle Business Process Management

Product Home

Patch

Advisory Number

Comments

BPM 10.3.2

100375

Released July 2010

See the instructions above on how to download the patch

BPM 6.0.5

100247

Released July 2010

See the instructions above on how to download the patch

3.3.8 Oracle Communications Converged Application Server

Table 54 describes the Error Correction information for Oracle Communications Converged Application Server.

Table 54 Error Correction information for Oracle Communications Converged Application Server

Patch Information

5.0

4.0

Comments

Final Patch

July 2018

July 2015

 

Table 55 describes the available patches for Oracle Communications Converged Application Server. See also the underlying product stack tables for any applicable patches. Refer to comments section and apply the patch to the respective product home.

Table 55 Patch Availability for Oracle Communications Application Server

Oracle Communications Converged Application Server

Patch

Advisory Number

Comments

5.0

SPU Patch 14364893

CPU Patch 12875001

CPU Patch 12875006

CPU Patch 12874981

CPU Patch 14825824

CPU Patch 10625676

CPU Patch 18767762

Released October 2012

Released October 2011

Released October 2011

Released October 2011

Released January 2013

Released January 2011

Released July 2013

WLS 10.3.0.0 CSS Patch

WLS 10.3.3.0 JMS Patch

WLS 10.3.3.0 WebServices Patch

WLS 10.3.3.0 Security Patch

WLS 10.3.3.0 WebApp Patch

WLS 10.3.3.0 Core Patch

WLS 10.3.3.0 Console Patch

4.0

SPU Patch 14364893

CPU Patch 12875001

CPU Patch 12875006

CPU Patch 12874981

CPU Patch 14825824

CPU Patch 10625676

CPU Patch 18767762

Released October 2012

Released October 2011

Released October 2011

Released October 2011

Released January 2013

Released January 2011

Released July 2013

WLS 10.3.0.0 CSS Patch

WLS 10.3.0.0 JMS Patch

WLS 10.3.0.0 WebServices Patch

WLS 10.3.0.0 Security Patch

WLS 10.3.0.0 WebApp Patch

WLS 10.3.0.0 Core Patch

WLS 10.3.0.0 Console Patch

3.3.9 Oracle Complex Event Processing and WebLogic Event Server

Table 56 describes the Error Correction information for Oracle Complex Event Processing and WebLogic Event Server.

Table 56 Error Correction information for Oracle Complex Event Processing and WebLogic Event Server

Patch Information

CEP 11.1.7

EVS 2.0

Comments

Final Patch

October 2018

July 2014

 

Table 57 describes the available patches for Oracle Complex Event Processing and WebLogic Event Server. See also the underlying product stack tables (JRockit and WLS) for any applicable patches.

Table 57 Patch Availability for Oracle Complex Event Processing and WebLogic Event Server

Product Home

Patch

Advisory Number

Comments

11.1.1.7

SPU Patch 18140721

Released April 2014

 

EVS 2.0

Upgrade to 11.1.1.x version, then apply the patch for that version

Released October 2012

 

3.3.10 Oracle Data Quality for Oracle Data Integrator

Table 58 describes the Error Correction information for Oracle Data Quality for Oracle Data Integrator.

Table 58 Error Correction information for Oracle Data Quality for Oracle Data Integrator

Patch Information

ODIDQ 10.3.0

Comments

Final Patch

-

 

Table 59 describes the available patches for Oracle Data Quality for Oracle Data Integrator.

Table 59 Patch Availability for Oracle Data Quality for Oracle Data Integrator

Product Home

Patch

Advisory Number

Comments

11.1.1.3.0

CPU Patch 18177015

Released April 2014

 

3.3.11 Oracle Data Service Integrator

Table 60 describes the Error Correction information for Oracle Data Service Integrator.

Table 60 Error Correction information for Oracle Data Service Integrator

Patch Information

ODSI 10.3.0

Comments

Final Patch

January 2017

 

Table 61 describes the available patches for Data Service Integrator. See also the underlying product stack tables (JRockit and WLS) for any applicable patches.

Table 61 Patch Availability for Oracle Data Service Integrator

Product Home

Patch

Advisory Number

Comments

10.3.0

OR

OR

SPU Patch 18526551

SPU Patch 12875001

OR

OR

SPU Patch 14825824

OR

OR

Released July 2014

Released July 2014

Released April 2014

Released October 2011

Released July 2014

Released July 2014

Released January 2013

Released July 2014

Released July 2014

WLS 10.3.0.0 JVM Patch

WLS 10.3.0.0 Deployment Patch

WLS 10.3.0.0 CSS Patch

WLS 10.3.0.0 JMS Patch

WLS 10.3.0.0 WebServices Patch

WLS 10.3.0.0 Security Patch

WLS 10.3.0.0 WebApp Patch

WLS 10.3.0.0 Core Patch

WLS 10.3.0.0 Console Patch

10.3.0

CPU Patch 8268258

Released April 2009

ODSI Patch

3.3.12 Oracle Document Capture

Table 62 describes the Error Correction information for Oracle Document Capture.

Table 62 Error Correction information for Oracle Document Capture

Patch Information

10.1.3.5.1

Comments

Final Patch

October 2015

 

Table 63 describes the available patches for Oracle Document Capture.

Table 63 Patch Availability for Oracle Document Capture

Product Home

Patch

Advisory Number

Comments

Oracle Document Capture 10.1.3.5.1 home

CPU Patch 16312671

Released April 2013

 

3.3.13 Oracle Endeca Server

Table 64 describes the Error Correction information for Oracle Endeca Server.

Table 64 Error Correction information for Oracle Endeca Server

Patch Information

Oracle Endeca Information Discovery 2.2.2 (Formerly Latitude)

7.5.x

7.4.x

Comments

Final Patch

April 2016

-

July 2020

 

Table 65 describes the minimum version information for Oracle Endeca Server.

Table 65 Minimum Product Requirements for Oracle Endeca Server 7.5.x

Patch Information

7.5.x

Advisory Number

Comments

Minimum Version

7.5.1.1

Released July 2013

 

Table 66 describes the available patches for Oracle Endeca Server.

Table 66 Patch availability for Oracle Endeca Server 7.4.x

Product Home

Patch

Advisory Number

Comments

Oracle Endeca Server 7.4 home

SPU Patch 16822423

Released July 2013

 

Table 67 describes the available patches for Oracle Endeca Server (Formerly Latitude).

Table 67 Patch Availability for Oracle Endeca Information Discovery 2.2.2 (Formerly Latitude)

Product Home

Patch

Advisory Number

Comments

Oracle Endeca Information Discovery 2.2.2 (Formerly Latitude) home

See My Oracle Support Note 1629648.1

Released April 2014

 

3.3.14 Oracle Endeca Information Discovery Studio

Table 68 describes the available patches for Oracle Endeca Information Discovery Studio.

Table 68 Patch availability for Oracle Endeca Information Discovery Studio

Product Home

Patch

Advisory Number

Comments

Oracle Endeca Information Discovery Studio 3.1 home

SPU Patch 19663929

CVE-2014-0224, CVE-2014-0050

See Note 1906844.1 Transfer/reinstall Oracle Endeca Information Discovery (EID) Studio and migrate configuration to a newly-installed latest version of Apache Tomcat 6.0.x

Oracle Endeca Information Discovery Studio 3.0 home

SPU Patch 19663937

CVE-2014-0050

 

Oracle Endeca Information Discovery Studio 2.4 home

SPU Patch 19663946

CVE-2014-0050

 

Oracle Endeca Information Discovery Studio 2.3 home

SPU Patch 19663972

CVE-2014-0050

 

Oracle Endeca Information Discovery Studio 2.2.2 home

SPU Patch 19663982

CVE-2014-0050

 

3.3.15 Oracle Enterprise Data Quality

Table 69 describes the Error Correction information for Oracle Enterprise Data Quality.

Table 69 Error Correction information for Oracle Enterprise Data Quality

Patch Information

9.0.11

8.1.12

Comments

Final Patch

October 2019

July 2019

 

Table 70 describes the available patches for Oracle Enterprise Data Quality.

Table 70 Patch Availability for Oracle Enterprise Data Quality

Product Home

Patch

Advisory Number

Comments

Oracle Enterprise Data Quality 9.0.11 home

SPU Patch 19320253

CVE-2014-0119

See My Oracle Support Note 1595538.1, How To Upgrade The Apache Tomcat Version Installed By The EDQ (Enterprise Data Quality) Windows Installer

Oracle Enterprise Data Quality 8.1.12 home

SPU Patch 18709680

CVE-2014-0119, CVE-2014-0114

See My Oracle Support Note 1595538.1, How To Upgrade The Apache Tomcat Version Installed By The EDQ (Enterprise Data Quality) Windows Installer

3.3.16 Oracle Exalogic Patch Set Update (PSU)

Table 71 describes the Error Correction information for Exalogic Patch Set Update (PSU).

Table 71 Error Correction information for Oracle Exalogic Patch Set Update (PSU)

Patch Information

2.x

1.x

Comments

Final Patch

-

-

 

Table 72 describes the available patches for Oracle Exalogic.

Table 72 Patch Set Update Availability for Oracle Exalogic

Oracle Exalogic

Patch

Advisory Number

Comments

2.x Physical

2.0.6.1.2 Physical Linux x86-64 (X4-2) PSU Patch 18630746

2.0.3.0.7 Physical Linux x86-64 (X3-2, X2-2) PSU Patch 18630746

2.0.6.1.2 Physical Solaris x86-64 (X4-2) PSU Patch 18630746

2.0.4.0.7 Physical Solaris x86-64 (X3-2, X2-2) PSU Patch 18630746

Released July 2014

See Note 1314535.1, Announcing Exalogic PSUs (Patch Set Updates)

2.x Virtual

2.0.6.1.2 Virtual (X4-2) PSU Patch 18630693

2.0.6.0.2 Virtual (X3-2, X2-2) PSU Patch 18630693

Released July 2014

See Note 1314535.1, Announcing Exalogic PSUs (Patch Set Updates)

1.x

Exalogic Infrastructure 2.0.6.0.1 Virtual (X3-2, X2-2) PSU Patch 14834860

Released October 2012

See Note 1314535.1, Announcing Exalogic PSUs (Patch Set Updates)

3.3.17 Oracle Forms and Reports 11g Release 2

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle Forms and Reports 11g Release 2 installation. Only the relevant homes from those tables need to be patched.

Table 73 describes the available patches for Oracle Forms and Reports 11g Release 2.

Table 73 Patch Availability for Oracle Forms and Reports 11g Release 2

Product Home

Patches

Comments

Oracle Forms and Reports 11.1.2.2 home

See Section 3.3.18.4, "Oracle Forms and Reports 11.1.2.2"

 

Oracle Forms and Reports 11.1.2.1 home

See Section 3.3.18.5, "Oracle Forms and Reports 11.1.2.1"

 

3.3.18 Oracle Fusion Middleware

For more information on how to identify the components in an Oracle home, see Note 1591483.1, What is Installed in My Middleware or Oracle home?

This section contains the following:

·         Section 3.3.18.1, "Oracle Fusion Middleware 12.1.3.0"

·         Section 3.3.18.2, "Oracle Fusion Middleware 12.1.2.0"

·         Section 3.3.18.3, "Oracle Fusion Middleware 12.1.1.0"

·         Section 3.3.18.4, "Oracle Forms and Reports 11.1.2.2"

·         Section 3.3.18.5, "Oracle Forms and Reports 11.1.2.1"

·         Section 3.3.18.6, "Oracle WebCenter 11.1.1.8"

·         Section 3.3.18.7, "Oracle Fusion Middleware 11.1.1.7"

·         Section 3.3.18.8, "Oracle Fusion Middleware 11.1.1.5"

·         Section 3.3.18.9, "Oracle Fusion Middleware 10.1.3.5.x"

·         Section 3.3.18.10, "Oracle Identity Access Management 11.1.2.2"

·         Section 3.3.18.11, "Oracle Identity Access Management 11.1.2.1"

3.3.18.1 Oracle Fusion Middleware 12.1.3.0

Table 74 describes the Error Correction information for Oracle Fusion Middleware 12.1.3.0.

Table 74 Error Correction information for Oracle Fusion Middleware 12.1.3.0

Patch Information

12.1.3.0

Comments

Final Patch

-

 

CPU On-Request Platforms

-

 

Table 75 describes the available patches for Oracle Fusion Middleware 12.1.3.0.

Table 75 Patch Availability for Oracle Fusion Middleware 12.1.3.0

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1931846.1, Oracle Java SE Critical Patch Update

 

Oracle WebLogic Server 12.1.3.0

See Section 3.3.48, "Oracle WebLogic Server"

See Section 3.3.48, "Oracle WebLogic Server"

 

Third Party Oracle WebLogic Server Plug-ins

Oracle WebLogic Server 12.1.3.0

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

WLS Plug-In patch for Oracle HTTP Server, Apache, IIS, and iPlanet

Oracle HTTP Server 12c 12.1.3.0

Oracle Infrastructure 12c 12.1.3.0

Oracle SOA 12c 12.1.3.0

SPU Patch 19591087

CVE-2014-6522

Oracle ADF 12.1.3.0 Patch

3.3.18.2 Oracle Fusion Middleware 12.1.2.0

Table 76 describes the Error Correction information for Oracle Fusion Middleware 12.1.2.0.

Table 76 Error Correction information for Oracle Fusion Middleware 12.1.2.0

Patch Information

12.1.2.0

Comments

Final Patch

-

 

CPU On-Request Platforms

-

 

Table 77 describes the available patches for Oracle Fusion Middleware 12.1.2.0.

Table 77 Patch Availability for Oracle Fusion Middleware 12.1.2.0

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1931846.1, Oracle Java SE Critical Patch Update

 

Oracle WebLogic Server 12.1.2.0

See Section 3.3.48, "Oracle WebLogic Server"

See Section 3.3.48, "Oracle WebLogic Server"

 

Third Party Oracle WebLogic Server Plug-ins

Oracle WebLogic Server 12.1.2.0

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

WLS Plug-In patch for Oracle HTTP Server, Apache, IIS, and iPlanet

Oracle HTTP Server 12c 12.1.2.0

Oracle Infrastructure 12c 12.1.2.0

Oracle SOA 12c 12.1.2.0

SPU Patch 19591074

CVE-2014-6522

Oracle ADF 12.1.2.0 Patch

Oracle HTTP Server 12c 12.1.2.0.0

SPU Patch 17849231

Released January 2014

Oracle Security Service (SSL/Network) Patch

Oracle HTTP Server 12c 12.1.2.0

Oracle Infrastructure 12c 12.1.2.0

SPU Patch 17621876

Released January 2014

Oracle Help Technologies Patch

Oracle HTTP Server 12c 12.1.2.0

SPU Patch 17723709

Released January 2014

Oracle HTTP Server (OHS) Patch

3.3.18.3 Oracle Fusion Middleware 12.1.1.0

Table 78 describes the Error Correction information for Oracle Fusion Middleware 12.1.1.0.

Table 78 Error Correction information for Oracle Fusion Middleware 12.1.1.0

Patch Information

12.1.1.0

Comments

Final Patch

-

 

CPU On-Request Platforms

-

 

Table 79 describes the available patches for Oracle Fusion Middleware 12.1.1.0.

Table 79 Patch Availability for Oracle Fusion Middleware 12.1.1.0

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1931846.1, Oracle Java SE Critical Patch Update

 

Oracle WebLogic Server 12.1.1.0

See Section 3.3.48, "Oracle WebLogic Server"

See Section 3.3.48, "Oracle WebLogic Server"

 

Third Party Oracle WebLogic Server Plug-ins

Oracle WebLogic Server 12.1.1.0

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

WLS Plug-In patch for Oracle HTTP Server, Apache, IIS, and iPlanet

3.3.18.4 Oracle Forms and Reports 11.1.2.2

Table 80 describes the Error Correction information for Oracle Forms and Reports 11.1.2.2.

Table 80 Error Correction information for Oracle Forms and Reports 11.1.2.2

Patch Information

11.1.2.2

Comments

Final Patch

-

 

CPU On-Request Platforms

-

 

Table 81 describes the available patches for Oracle Forms and Reports 11.1.2.2.

Table 81 Patch Availability for Oracle Forms and Reports 11.1.2.2

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle JRockit 28.x home

See Section 3.3.31, "Oracle JRockit"

See Section 3.3.31, "Oracle JRockit"

 

Oracle WebLogic Server home

See Section 3.3.48, "Oracle WebLogic Server"

See Section 3.3.48, "Oracle WebLogic Server"

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

Third Party Oracle WebLogic Server Plug-ins Oracle Forms and Reports 11.1.2.2 home

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

 

Oracle Forms and Reports 11.1.2.2 home

See Section 3.1.4.6, "Oracle Database 11.1.0.7"

See Section 3.1.4.6, "Oracle Database 11.1.0.7"

Before patching an Oracle Database Server, you might need to patch the Database 11.1.0.7 client in the Fusion Middleware home. Before installing the applicable patches, see Note 1493990.1Patching for CVE-2012-3137

Third Party Oracle WebLogic Server Plug-ins

Oracle Forms and Reports 11.1.2.3 home

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

 

Oracle Forms and Reports 11.1.2.2 home

SPU Patch 19591065

CVE-2014-6522

Oracle ADF 11.1.1.7 Patch

Oracle Forms and Reports 11.1.2.2 home

SPU Patch 18423801

Released July 2014

Oracle Process Management and Notification (OPMN) Patch

See Note 1905314.1, New SSL Protocol and Cipher Options for Oracle Fusion Middleware 11g OPMN/ONS

Oracle Forms and Reports 11.1.2.2 home

See My Oracle Support Note 1643382.1

Released April 2014

 

Oracle Forms and Reports 11.1.2.2 home

SPU Patch 17617649

Released January 2014

Oracle Help Technologies Patch

Oracle Forms and Reports 11.1.2.2 home

SPU Patch 17664563

Released January 2014

Oracle HTTP Server 11.1.1.7 Patch

Oracle Forms and Reports 11.1.2.2 home

CPU Patch 17337741

Released October 2013

Oracle Security Service (SSL/Network) Patch

Oracle Forms and Reports 11.1.2.1 home

See My Oracle Support Note 1608683.1

Released January 2014

Oracle Reports Advisory

3.3.18.5 Oracle Forms and Reports 11.1.2.1

Table 82 describes the Error Correction information for Oracle Forms and Reports 11.1.2.1.

Table 82 Error Correction information for Oracle Forms and Reports 11.1.2.1

Patch Information

11.1.2.1

Comments

Final Patch

January 2014

Oracle Fusion Middleware 11.1.1.6.0

Final Patch

-

 

CPU On-Request Platforms

-

 

Table 83 describes the available patches for Oracle Forms and Reports 11.1.2.1.

Table 83 Patch Availability for Oracle Forms and Reports 11.1.2.1

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle JRockit 28.x home

See Section 3.3.31, "Oracle JRockit"

See Section 3.3.31, "Oracle JRockit"

 

Oracle WebLogic Server home

See Section 3.3.48, "Oracle WebLogic Server"

See Section 3.3.48, "Oracle WebLogic Server"

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

Oracle Forms and Reports 11.1.2.1 home

See Section 3.1.4.6, "Oracle Database 11.1.0.7"

See Section 3.1.4.6, "Oracle Database 11.1.0.7"

Before patching an Oracle Database Server, you might need to patch the Database 11.1.0.7 client in the Fusion Middleware home. Before installing the applicable patches, see Note 1493990.1Patching for CVE-2012-3137

Third Party Oracle WebLogic Server Plug-ins

Oracle Forms and Reports 11.1.2.1 home

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

 

Oracle Forms and Reports 11.1.2.1 home

See My Oracle Support Note 1643382.1

Released April 2014

 

Oracle Forms and Reports 11.1.2.1 home

See My Oracle Support Note 1608683.1

Released January 2014

Oracle Reports Advisory

Oracle Forms and Reports 11.1.2.1 home

SPU Patch 17664562

Released January 2014

Oracle HTTP Server 11.1.1.6 Patch

Oracle Forms and Reports 11.1.2.1 home

SPU Patch 17617669

Released January 2014

Oracle Help Technologies Patch

Oracle Forms and Reports 11.1.2.1 home

SPU Patch 16920856

Released October 2013

WebServices Patch

Oracle Forms and Reports 11.1.2.1 home

SPU Patch 17337730

Released October 2013

Oracle Security Service (SSL/Network) Patch

3.3.18.6 Oracle WebCenter 11.1.1.8

Table 84 describes the Error Correction information for Oracle WebCenter 11.1.1.8.

Table 84 Error Correction information for Oracle WebCenter 11.1.1.8

Patch Information

11.1.1.8

Comments

Final Patch

-

 

CPU On-Request Platforms

-

 

Table 85 describes the available patches for Oracle WebCenter 11.1.1.8.

Table 85 Patch Availability for Oracle WebCenter 11.1.1.8

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle JRockit 28.x home

See Section 3.3.31, "Oracle JRockit"

See Section 3.3.31, "Oracle JRockit"

 

Oracle WebLogic Server home

See Section 3.3.48, "Oracle WebLogic Server"

See Section 3.3.48, "Oracle WebLogic Server"

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

Third Party Oracle WebLogic Server Plug-ins Oracle WebCenter 11.1.1.8.0 home

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

 

Oracle WebCenter 11.1.1.8.0 home

SPU Patch 19591065

CVE-2014-6522

Oracle JDeveloper/ADF 11.1.1.7 Patch

Oracle WebCenter 11.1.1.8.0 home

Oracle WebCenter Portal BP 11.1.1.8.4 Patch 18633874 or later

Released July 2014

Oracle WebCenter Portal 11.1.1.8.0 patch

Oracle WebCenter 11.1.1.8.0 home

SPU Patch 17617649

Released January 2014

Oracle Help Technologies 11.1.1.7.0 Patch

Oracle WebCenter Content 11.1.1.8 home

Oracle WebCenter Content BP 2 Patch 17453460 or later

Released October 2013

 

3.3.18.7 Oracle Fusion Middleware 11.1.1.7

Table 86 describes the Error Correction information for Oracle Fusion Middleware 11.1.1.7.

Table 86 Error Correction information for Oracle Fusion Middleware 11.1.1.7

Patch Information

11.1.1.7

Comments

Final Patch

July 2014

Oracle WebCenter 11.1.1.7

CPU On-Request Platforms

-

 

Table 87 describes the available patches for Oracle Fusion Middleware 11.1.1.7.

Table 87 Patch Availability for Oracle Fusion Middleware 11.1.1.7

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle JRockit 28.x home

See Section 3.3.31, "Oracle JRockit"

See Section 3.3.31, "Oracle JRockit"

 

Oracle WebLogic Server home

See Section 3.3.48, "Oracle WebLogic Server"

See Section 3.3.48, "Oracle WebLogic Server"

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

Third Party Oracle WebLogic Server Plug-ins

Oracle Identity Management 11.1.1.7.0 home

Oracle Identity Access Management 11.1.1.7.0 home

Oracle Web Tier 11.1.1.7.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

 

Oracle Identity Management 11.1.1.7.0 home

Oracle Identity Access Management 11.1.1.7.0 home

Oracle Web Tier 11.1.1.7.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

See Section 3.1.4.6, "Oracle Database 11.1.0.7"

See Section 3.1.4.6, "Oracle Database 11.1.0.7"

 

Oracle Identity Access Management 11.1.1.7.0 home

SPU Patch 19768130

CVE-2014-0114

Oracle Adaptive Access Manager Patch

Oracle Identity Access Management 11.1.1.7.0 home

Oracle Access Manager BP 2 (11.1.1.7.2) Patch 19730938 or later

CVE-2014-6552, CVE-2014-6553

Oracle Access Manager (OAM 11.1.1.7.2) Patch

Oracle Identity Management 11.1.1.7.0 home

Oracle Identity Access Management 11.1.1.7.0 home

SPU Patch 19666962

CVE-2014-6487, CVE-2014-2880

CVE-2014-0114 for Oracle Identity Manager Patch

Oracle Identity Manager Patch

See Note 1927796.1, Instructions For Enabling OIM CPU Bug 17937383 Fix For OIM BPs (11.1.2.1.9 and 11.1.2.2.4 Versions) / Overlay SPU (11.1.1.7 and 11.1.1.5 Versions)

Oracle Identity Management 11.1.1.7.0 home

Oracle Identity Access Management 11.1.1.7.0 home

Oracle Web Tier 11.1.1.7.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

Oracle SOA Suite 11.1.1.7.0 home

Oracle WebCenter Suite 11.1.1.7.0 home

SPU Patch 19591065

CVE-2014-6522

Oracle JDeveloper/ADF 11.1.1.7 Patch

Oracle Identity Management 11.1.1.7.0 home

Oracle Web Tier 11.1.1.7.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

SPU Patch 18423801

Released July 2014

Oracle Process Management and Notification (OPMN) Patch

See Note 1905314.1, New SSL Protocol and Cipher Options for Oracle Fusion Middleware 11g OPMN/ONS

Oracle WebCenter 11.1.1.7.0 home

Overlay SPU Patch 18792010 and 11.1.1.7.0 BP 1 Patch 16761779

Released July 2014

WebCenter Portal 11.1.1.7.0 Overlay SPU patch

Oracle Identity Access Management 11.1.1.7.0 home

See My Oracle Support Note 1643382.1

Released April 2014

 

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

See My Oracle Support Note 1608683.1

Released January 2014

 

Oracle Identity Management 11.1.1.7.0 home

CPU Patch 17842883 and

CPU Patch 17839633

Released January 2014

Oracle Internet Directory Patch

Patch 17842883 for HP-UX Itanium, HP-UX PA-RISC (64-bit), Linux x86, Microsoft Windows (32-bit)

Patch 17839633 for Linux x86-64, IBM AIX Based Systems (64-bit), Sun Solaris x86-64 (64-bit), Sun Solaris SPARC (64-bit), Microsoft Windows x64 (64-bit)

Oracle Identity Management 11.1.1.7.0 home

Oracle Identity Access Management 11.1.1.7.0 home

Oracle Web Tier 11.1.1.7.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

Oracle SOA Suite 11.1.1.7.0 home

Oracle WebCenter Suite 11.1.1.7.0 home

SPU Patch 17617649

Released January 2014

Oracle Help Technologies Patch

Oracle Identity Management 11.1.1.7.0 home

Oracle Web Tier 11.1.1.7.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

SPU Patch 17664563

Released January 2014

Oracle HTTP Server 11.1.1.7 Patch

Oracle Web Tier 11.1.1.7.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

SPU Patch 17306880

Released October 2013

Web Cache Patch

Oracle Identity Management 11.1.1.7.0 home

Oracle Web Tier 11.1.1.7.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

CPU Patch 17337741

Released October 2013

Oracle Security Service (SSL/Network) Patch

Oracle WebCenter Content 11.1.1.7 home

BP 2 Patch 17180477 or higher

Released October 2013

 

3.3.18.8 Oracle Fusion Middleware 11.1.1.5

Table 88 describes the Error Correction information for Oracle Fusion Middleware 11.1.1.5.

Table 88 Error Correction information for Oracle Fusion Middleware 11.1.1.5

Patch Information

11.1.1.5.0

Comments

Final Patch

January 2013

Oracle Fusion Middleware 11.1.1.5.0

Final Patch

April 2015

Oracle Identity Access Management 11.1.1.5

CPU On-Request Platforms

-

 

Table 89 describes the available patches for Oracle Fusion Middleware 11.1.1.5.

Table 89 Patch Availability for Oracle Fusion Middleware 11.1.1.5

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle JRockit 28.x home

See Section 3.3.31, "Oracle JRockit"

See Section 3.3.31, "Oracle JRockit"

 

Oracle WebLogic Server home

See Section 3.3.48, "Oracle WebLogic Server"

See Section 3.3.48, "Oracle WebLogic Server"

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

3rd Party Oracle WebLogic Server Plug-ins

Oracle Identity Management 11.1.1.5.0 home

Oracle Identity Access Management 11.1.1.5.0 home

Oracle Web Tier 11.1.1.5.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.5.0 home

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

 

Oracle Identity Access Management 11.1.1.5.0 home

See Section 3.1.4.6, "Oracle Database 11.1.0.7"

See Section 3.1.4.6, "Oracle Database 11.1.0.7"

Before patching an Oracle Database Server, you might need to patch the Database 11.1.0.7 client in the Fusion Middleware home. Before installing the applicable patches, see Note 1493990.1Patching for CVE-2012-3137

Oracle Identity Management 11.1.1.5.0 home

Oracle Identity Access Management 11.1.1.5.0 home

Oracle Adaptive Access Manager BP 3 (11.1.1.5.3) Patch 19730923 or later

CVE-2014-0114

Oracle Adaptive Access Manager (OAAM 11.1.1.5.3) Patch

Oracle Identity Management 11.1.1.5.0 home

Oracle Identity Access Management 11.1.1.5.0 home

Oracle Access Manager BP 7 (11.1.1.5.7) Patch 19730928 or later

CVE-2014-6552, CVE-2014-6553

Oracle Access Manager (OAAM 11.1.1.5.7) Patch

Oracle Identity Management 11.1.1.5.0 home

Oracle Identity Access Management 11.1.1.5.0 home

SPU Patch 19696852

CVE-2014-6487, CVE-2014-2880

CVE-2014-0114 for Oracle Identity Manager Patch

Oracle Identity Manager Patch

See Note 1927796.1, Instructions For Enabling OIM CPU Bug 17937383 Fix For OIM BPs (11.1.2.1.9 and 11.1.2.2.4 Versions) / Overlay SPU (11.1.1.7 and 11.1.1.5 Versions)

Oracle Identity Access Management 11.1.1.5.0 home

See My Oracle Support Note 1643382.1

Released April 2014

 

Oracle Identity Management Suite

BP 11.1.1.5.7 Patch 18490364 or later

Released April 2014

Oracle Identity Manager Patch

Oracle Identity Access Management 11.1.1.5.0 home

Oracle Identity Analytics BP 11.1.1.5.7 Patch 18182466 or higher

Released April 2014

Oracle Identity Analytics Patch

Oracle Identity Access Management 11.1.1.5.0 home

SPU Patch 18355263 and BP Patch 14828904

Released April 2014

WebGate Patch

Oracle Identity Access Management 11.1.1.5.0 home

SPU Patch 17617673

Released January 2014

Oracle Help Technologies Patch

Oracle Identity Access Management 11.1.1.5.0 home

Oracle Identity Management Suite BP 11.1.1.5.5 Patch 17178952 or later

Released October 2013

Oracle Access Manager Patch

Oracle Identity Access Management 11.1.1.5.0 home

11.1.1.5.4 BP Patch 14188199 or higher

Released July 2013

Oracle Access Manager Patch

Oracle Identity Access Management 11.1.1.5.0 home

CPU Patch 14003475

Released July 2012

Oracle HTTP Server Patch

Oracle Identity Access Management 11.1.1.5.0 home

CPU Patch 13113602

Released January 2012

Oracle Web Services Manager Patch

Oracle Identity Access Management 11.1.1.5.0 home

CPU Patch 12434187

Released July 2011

Network

For Solaris x86-64, (Identity Management and Web Tier homes), apply specific mandatory patches. For more information, see My Oracle Support Note 1343107.1

3.3.18.9 Oracle Fusion Middleware 10.1.3.5.x

Table 90 describes the Error Correction information for Oracle Fusion Middleware 10.1.3.5.x.

Table 90 Error Correction information for Oracle Fusion Middleware 10.1.3.5.x

Patch Information

10.1.3.5.x

Comments

Final Patch

Oracle SOA Suite: October 2014

JDeveloper: April 2017

Application Development Framework: April 2017

Oracle HTTP Server: April 2017

Oracle Container for Java (OC4J): April 2017

TopLink: April 2017

For all other components that are NOT listed here, see the Comments section in the LSP document.

For more information, see Lifetime Support Policy for Oracle Fusion Middleware

CPU On-Request Platforms

Oracle Solaris x86-64

 

Table 91 describes the available patches for Oracle Fusion Middleware 10.1.3.5.x.

Table 91 Patch Availability for Oracle Fusion Middleware 10.1.3.5.x

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle Application Server 10g Release 3

Oracle HTTP Server 2.0 standalone home

Oracle SOA Suite 10g

Oracle WebCenter Suite 10g

Oracle SOA Suite 10g for WebLogic Server

UNIX: CPU Patch 18272678

Microsoft Windows (32-Bit): CPU Patch 18272679

Microsoft Windows Itanium (64-Bit): CPU Patch 18272681

Released April 2014

See Note 1301699.1, How the SSL/TLS Renegotiation Protocol Change Affects Oracle HTTP Server

OC4J Standalone home

SPU Patch 18272621

Released April 2014

Patch for OC4J Standalone 10.1.3.5 media available on OTN http://www.oracle.com/technetwork/middleware/ias/downloads/utilsoft-090603.html

Oracle Application Server 10g Release 3

See My Oracle Support Note 1586861.1

Released October 2013

 

Oracle Application Server 10g Release 3

OC4J Standalone home

Oracle SOA Suite 10g

SPU Patch 16920865

Released October 2013

WebServices Patch

OC4J Standalone home

CPU Patch 14123312

Released July 2012

Enterprise Manager AS Control Patch

Patch for OC4J Standalone 10.1.3.5 media available on OTN http://www.oracle.com/technetwork/middleware/ias/downloads/utilsoft-090603.html

Oracle SOA Suite 10g for WebLogic Server

CPU Patch 12539587

Released October 2011

Oracle Web Services Manager (OWSM) Patch

Oracle SOA Suite 10g

Oracle WebCenter Suite 10g

CPU Patch 12957596

Released October 2011

Oracle Web Services Manager (OWSM) Patch

3.3.18.10 Oracle Identity Access Management 11.1.2.2

Table 92 describes the Error Correction information for Oracle Identity Access Management 11.1.2.2.

Table 92 Error Correction information for Oracle Fusion Middleware 11.1.2.2

Patch Information

11.1.2.2

Comments

Final Patch

-

 

CPU On-Request Platforms

-

 

Table 93 describes the available patches for Oracle Identity Access Management 11.1.2.2.

Table 93 Patch Availability for Oracle Identity Access Management 11.1.2.2

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle JRockit 28.x home

See Section 3.3.31, "Oracle JRockit"

See Section 3.3.31, "Oracle JRockit"

 

Oracle WebLogic Server home

See Section 3.3.48, "Oracle WebLogic Server"

See Section 3.3.48, "Oracle WebLogic Server"

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

Third Party Oracle WebLogic Server Plug-ins

Oracle Identity Management 11.1.2.2.0 home

Oracle Identity Access Management 11.1.2.2.0 home

Oracle Web Tier 11.1.2.2.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.2.2.0 home

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

See Note 1111903.1, WebLogic Server 10gR3 (10.3.0) and 11gR1 (10.3.x) - Web Server Plug-In Support

Oracle Identity Access Management 11.1.2.2.0 home

Oracle Identity Manager Suite BP 3 (11.1.2.2.3) Patch 19157573 or later

CVE-2014-6552, CVE-2014-6554, CVE-2014-6549

CVE-2014-6462 for Oracle Access Manager (OAM 11.1.2.2.3) Patch

CVE-2014-0114 for Oracle Adaptive Access Manager Patch

Oracle Access Manager (OAM 11.1.2.2.3) Patch

Oracle Adaptive Access Manager (OAAM 11.1.2.2.1) Patch

Oracle Identity Access Management 11.1.2.2.0 home

Oracle Identity Manager BP 4 (11.1.2.2.4) Patch 19479688 or later

CVE-2014-6487, CVE-2014-2880

CVE-2014-0114 for Oracle Identity Manager Patch

Oracle Identity Manager (OIM 11.1.2.2.4) Patch

See Note 1927796.1, Instructions For Enabling OIM CPU Bug 17937383 Fix For OIM BPs (11.1.2.1.9 and 11.1.2.2.4 Versions) / Overlay SPU (11.1.1.7 and 11.1.1.5 Versions)

Oracle Identity Access Management 11.1.2.2.0 home

SPU Patch 19591065

CVE-2014-6522

Oracle JDeveloper/ADF 11.1.1.7 Patch

Oracle Identity Access Management 11.1.2.2.0 home

My Oracle Support Note 1643382.1

Released April 2014

 

Oracle Identity Access Management 11.1.2.2.0 home

SPU Patch 17617649

Released January 2014

Oracle Help Technologies Patch

3.3.18.11 Oracle Identity Access Management 11.1.2.1

Table 94 describes the Error Correction information for Oracle Identity Access Management 11.1.2.1.

Table 94 Error Correction information for Oracle Fusion Middleware 11.1.2.1

Patch Information

11.1.2.1

Comments

Final Patch

-

Oracle Fusion Middleware 11.1.2.1

Final Patch

January 2014

Oracle Fusion Middleware 11.1.1.6

CPU On-Request Platforms

-

 

Table 95 describes the available patches for Oracle Identity Access Management 11.1.2.1.

Table 95 Patch Availability for Oracle Identity Access Management 11.1.2.1

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle JRockit 28.x home

See Section 3.3.31, "Oracle JRockit"

See Section 3.3.31, "Oracle JRockit"

 

Oracle WebLogic Server home

See Section 3.3.48, "Oracle WebLogic Server"

See Section 3.3.48, "Oracle WebLogic Server"

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

Third Party Oracle WebLogic Server Plug-ins

Oracle Identity Management 11.1.1.7.0 home

Oracle Identity Access Management 11.1.1.7.0 home

Oracle Web Tier 11.1.1.7.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

See Note 1111903.1, WebLogic Server 10gR3 (10.3.0) and 11gR1 (10.3.x) - Web Server Plug-In Support

Oracle Identity Access Management 11.1.2.1.0 home

Oracle Identity Manager Suite BP 5 (11.1.2.1.5) Patch 19157616 or later

CVE-2014-6552, CVE-2014-6554, CVE-2014-6549

CVE-2014-6462 for Oracle Access Manager (OAM 11.1.2.1.4) Patch

CVE-2014-0114 for Oracle Adaptive Access Manager (OAAM 11.1.2.1.3) Patch

Oracle Access Manager (OAM 11.1.2.1.4) Patch

Oracle Adaptive Access Manager (OAAM 11.1.2.1.3) Patch

Oracle Identity Access Management 11.1.2.1.0 home

Oracle Identity Manager BP 9 (11.1.2.1.9) Patch 19245744 or later

CVE-2014-6487, CVE-2014-2880

CVE-2014-0114 for Oracle Identity Manager Patch

Oracle Identity Manager (OIM 11.1.2.1.9) Patch

See Note 1927796.1 Instructions For Enabling OIM CPU Bug 17937383 Fix For OIM BPs (11.1.2.1.9 and 11.1.2.2.4 Versions) / Overlay SPU (11.1.1.7 and 11.1.1.5 Versions)

Oracle Identity Access Management 11.1.2.1.0 home

SPU Patch 19591065

CVE-2014-6522

Oracle JDeveloper/ADF 11.1.1.7 Patch

Oracle Identity Access Management 11.1.2.1.0 home

My Oracle Support Note 1643382.1

Released April 2014

 

Oracle Identity Access Management 11.1.2.1 home

SPU Patch 17617673

Released January 2014

Oracle Help Technologies Patch

Oracle Identity Access Management 11.1.2.1 home

Oracle Identity Manager BP 11.1.2.1.3 Patch 17532765 or later

Released January 2014

Oracle Identity Manager Patch

Oracle Identity Access Management 11.1.2.1 home

SPU Patch 16920856

Released October 2013

WebServices Patch

Oracle Identity Access Management 11.1.2.1 home

SPU Patch 16262532

Released April 2013

Oracle Web Services Manager Patch

3.3.19 Oracle Hyperion Analytic Provider Services

Table 96 describes the Error Correction information for Oracle Hyperion Analytic Provider Services.

Table 96 Error Correction information for Oracle Hyperion Analytic Provider Services

Patch Information

11.1.2.x

Comments

Final Patch

April 2021

 

Table 97 describes the available patches for Oracle Hyperion Analytic Provider Services, based on release.

Table 97 Patch Availability for Oracle Hyperion Analytic Provider Services

Product Home

Patch

Advisory Number

Comments

11.1.2.3

SPU Patch 17767293

Released July 2014

 

11.1.2.2

SPU Patch 18148649

Released July 2014

 

3.3.20 Oracle Hyperion BI+

Table 98 describes the Error Correction information for Oracle Hyperion BI+.

Table 98 Error Correction information for Oracle Hyperion BI+

Patch Information

11.1.2.x

Comments

Final Patch

April 2018

 

Table 99 describes the available patches for Oracle Hyperion BI+, based on release.

Table 99 Patch Availability for Oracle Hyperion BI+

Product Home

Patch

Advisory Number

Comments

11.1.2.3

SPU Patch 17529887 and SPU Patch 18383790

Released July 2014

 

11.1.2.2

SPU Patch 18659116 and SPU Patch 18856417

Released July 2014

 

3.3.21 Oracle Hyperion Common Admin

Table 100 describes the Error Correction information for Oracle Hyperion Common Admin.

Table 100 Error Correction information for Oracle Hyperion Common Admin

Patch Information

11.1.2.x

Comments

Final Patch

April 2018

 

Table 101 describes the available patches for Oracle Hyperion Common Admin.

Table 101 Patch Availability for Oracle Hyperion Common Admin

Product Home

Patch

Advisory Number

Comments

11.1.2.3

CPU Patch 18672071

Released July 2014

 

11.1.2.2

CPU Patch 18659116

Released July 2014

 

3.3.22 Oracle Hyperion EAS

Table 102 describes the Error Correction information for Oracle Hyperion EAS.

Table 102 Error Correction information for Oracle Hyperion EAS

Patch Information

11.1.2.x

Comments

Final Patch

April 2018

 

Table 103 describes the available patches for Oracle Hyperion EAS, based on release.

Table 103 Patch Availability for Oracle Hyperion EAS

Product Home

Patch

Advisory Number

Comments

11.1.2.3

Admin Server Patch 17417347

Admin Console Patch 17417344

Released January 2014

 

11.1.2.2

Admin Server Patch 17277761

Admin Console Patch 17277764

Released January 2014

 

11.1.2.1

Admin Server Patch 17545122

Admin Console Patch 17545124

Released January 2014

 

3.3.23 Oracle Hyperion Enterprise Performance Management Architect

Table 104 describes the Error Correction information for Oracle Hyperion Enterprise Performance Management Architect.

Table 104 Error Correction information for Oracle Hyperion Enterprise Performance Management Architect

Patch Information

11.1.2.x

Comments

Final Patch

April 2021

 

Table 105 describes the available patches for Oracle Hyperion Enterprise Performance Management Architect.

Table 105 Patch Availability for Oracle Hyperion Enterprise Performance Management Architect

Product Home

Patch

Advisory Number

Comments

11.1.2.3

SPU Patch 17529887 and SPU Patch 18383790

Released July 2014

 

11.1.2.2

SPU Patch 18659116 and SPU Patch 18856417

Released July 2014

 

3.3.24 Oracle Hyperion Essbase

Table 106 describes the Error Correction information for Oracle Hyperion Essbase.

Table 106 Error Correction information for Oracle Hyperion Essbase

Patch Information

11.1.2.x

Comments

Final Patch

April 2021

 

Table 107 describes the available patches for Oracle Hyperion Essbase.

Table 107 Patch Availability for Oracle Hyperion Essbase

Product Home

Patch

Advisory Number

Comments

11.1.2.3

SPU Patch 18505489

Released July 2014

 

11.1.2.2

SPU Patch 18520684

Released July 2014

 

3.3.25 Oracle Hyperion Strategic Finance

Table 108 describes the Error Correction information for Oracle Hyperion Strategic Finance.

Table 108 Error Correction information for Oracle Hyperion Strategic Finance

Patch Information

11.1.2.x

Comments

Final Patch

April 2018

 

Table 109 describes the available patches for Oracle Hyperion Strategic Finance.

Table 109 Patch Availability for Oracle Hyperion Strategic Finance

Product Home

Patch

Advisory Number

Comments

11.1.2.2

CPU Patch 14593946

Released April 2014

 

11.1.2.1

CPU Patch 17636270

Released April 2014

 

3.3.26 Oracle Identity Access Management

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle Identity Access Management installation. Only the relevant homes from those tables need to be patched.

Table 110 describes the available patches for Oracle Identity Access Management.

Table 110 Patch Availability for Oracle Identity Access Management

Product Home

Patches

Comments

Oracle Identity Access Management 11.1.2.2 home

See Section 3.3.18.10, "Oracle Identity Access Management 11.1.2.2"

 

Oracle Identity Access Management 11.1.2.1 home

See Section 3.3.18.11, "Oracle Identity Access Management 11.1.2.1"

 

Oracle Identity Access Management 11.1.1.7.0 home

See Section 3.3.18.7, "Oracle Fusion Middleware 11.1.1.7"

 

Oracle Identity Access Management 11.1.1.5.0 home

See Section 3.3.18.8, "Oracle Fusion Middleware 11.1.1.5"

 

3.3.27 Oracle Identity Management

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle Identity Management installation. Only the relevant homes from those tables need to be patched.

Table 111 describes the available patches for Oracle Identity Management.

Table 111 Patch Availability for Oracle Identity Management

Product Home

Patches

Comments

Oracle Identity Management 11.1.1.7.0 home

See Section Section 3.3.18.7, "Oracle Fusion Middleware 11.1.1.7"

 

3.3.28 Oracle Identity Management Connector

Table 112 describes the Error Correction information for Oracle Identity Management Connector.

Table 112 Error Correction information for Oracle Identity Management Connector

Patch Information

9.1.0.4

Comments

Final Patch

April 2017

 

Table 113 describes the available patches for Oracle Identity Manager.

Table 113 Patch Availability for Oracle Identity Management Connector

Product Home

Patch

Advisory Number

Comments

9.1.0.4

CPU Patch 13636081

Released April 2012

 

3.3.29 Oracle Imaging and Process Management

Table 114 describes the Error Correction information for Oracle Imaging and Process Management.

Table 114 Error Correction information for Oracle Imaging and Process Management

Patch Information

10.1.3.6

Comments

Final Patch

October 2015

 

Table 115 describes the available patches for Oracle Imaging and Process Management.

Table 115 Critical Patch Update Availability for Oracle Imaging and Process Management

Release

Patch

Advisory Number

Comments

10.1.3.6

CPU Patch 14756862

Released October 2012

 

3.3.30 Oracle JDeveloper and Oracle ADF

Table 116 describes the Error Correction information for Oracle JDeveloper and Oracle ADF.

Table 116 Error Correction information for Oracle JDeveloper and Oracle ADF

Patch Information

12.1.3.0.0

12.1.2.0.0

11.1.2.4.0

11.1.1.7.0

10.1.3.5

Comments

Final Patch

-

April 2015

October 2021

 

April 2017

 

Table 117 describes the available patches for Oracle JDeveloper and Oracle ADF.

Table 117 Critical Patch Update Availability for Oracle JDeveloper and Oracle ADF

Release

Patch

Advisory Number

Comments

12.1.3.0.0

SPU Patch 19591087

CVE-2014-6522

 

12.1.2.0.0

SPU Patch 19591074

CVE-2014-6522

 

11.1.2.4.0

SPU Patch 19591073

CVE-2014-6522

 

11.1.1.7.0

SPU Patch 19591065

CVE-2014-6522

 

Oracle JDeveloper 12.1.2.0.0 home

Oracle ADF 12.1.2.0.0 home

SPU Patch 17621876

Released January 2014

Oracle Help Technology Patch

Oracle JDeveloper 11.1.7.0.0 home

Oracle ADF 11.1.7.0.0 home

SPU Patch 17617649

Released January 2014

Oracle Help Technology Patch

10.1.3.5

SPU Patch 14756862

Released October 2012

 

3.3.31 Oracle JRockit

Table 118 describes the Critical Patch Update availability for Oracle JRockit.

Oracle JRockit R28.3.4 and R27.8.4 include fixes for all security advisories that have been released through CPUOct2014.

Table 118 Critical Patch Update Availability for Oracle JRockit

Oracle JRockit

R28.3.4

R27.8.4

Advisory Number

Comments

JRE and JDK 6

Patch 19138286

NA

Released October 2014

 

JRE and JDK 5

Patch 19138297

Patch 19138352

Released October 2014

 

3.3.32 Oracle Map Viewer

Table 119 describes the Error Correction information for Oracle Map Viewer.

Table 119 Error Correction information for Oracle Map Viewer

Patch Information

11.1.1.6.0

10.1.3.1.0

Comments

Final Patch

-

-

 

Table 120 describes the available patches for Oracle Map Viewer.

Table 120 Patch Availability for Oracle Map Viewer

Product Home

Patch

Advisory Number

Comments

11.1.1.6.0

CPU Patch 14065245

Released July 2012

 

10.1.3.1.0

CPU Patch 13997316

Released July 2012

 

3.3.33 Oracle Outside In Technology

Table 121 describes the Error Correction information for Oracle Outside In Technology.

Table 121 Error Correction information for Oracle Outside In Technology

Patch Information

8.4.1

Comments

Final Patch

-

 

Table 122 describes the available patches for Oracle Outside in Technology.

Table 122 Patch Availability for Oracle Outside In Technology

Product Home

Patch

Advisory Number

Comments

Oracle Outside In Technology 8.4.1

SPU Patch 17733168

Released January 2014

 

Oracle Outside In Technology 8.4

SPU Patch 17733154

Released January 2014

 

3.3.34 Oracle Portal, Forms, Reports, and Discoverer 11g Release 1

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle Portal, Forms, Reports, and Discoverer 11g Release 1 installation. Only the relevant homes from those tables need to be patched.

Table 123 describes the available patches for Oracle Portal, Forms, Reports, and Discoverer 11g Release 1.

Table 123 Patch Availability for Oracle Portal, Forms, Reports, and Discoverer 11g Release 1

Product Home

Patches

Comments

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

See Section Section 3.3.18.7, "Oracle Fusion Middleware 11.1.1.7"

 

3.3.35 Oracle SOA Suite

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle SOA Suite installation. Only the relevant homes from those tables need to be patched.

Table 124 describes the available patches for Oracle SOA Suite.

Table 124 Patch Availability for Oracle SOA Suite

Product Home

Patches

Comments

Oracle SOA Suite 11.1.1.7.0 home

See Section 3.3.18.7, "Oracle Fusion Middleware 11.1.1.7"

 

Oracle SOA Suite 10.1.3.5 home

See Section 3.3.18.9, "Oracle Fusion Middleware 10.1.3.5.x"

 

3.3.36 Oracle Traffic Director

Table 125 describes the Error Correction information for Oracle Traffic Director.

Table 125 Error Correction information for Oracle Traffic Director

Patch Information

11.1.1.7.0

Comments

Final Patch

-

 

Table 126 describes the available patches for Oracle Traffic Director.

Table 126 Patch Availability for Oracle Traffic Director

Product Home

Patch

Advisory Number

Comments

11.1.1.7.0

SPU Patch 18920619

Released July 2014

 

3.3.37 Oracle Web-Tier 11g Utilities

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle Web-Tier 11g Utilities installation. Only the relevant homes from those tables need to be patched.

Table 127 describes the available patches for Oracle Web-Tier 11g Utilities.

Table 127 Patch Availability for Oracle Web-Tier 11g Utilities

Product Home

Patches

Comments

Oracle Web-Tier 11g Utilities 11.1.1.7.0 home

See Section 3.3.18.7, "Oracle Fusion Middleware 11.1.1.7"

 

3.3.38 Oracle WebCenter

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle WebCenter installation. Only the relevant homes from those tables need to be patched.

Table 128 describes the available patches for Oracle WebCenter.

Table 128 Patch Availability for Oracle WebCenter

Product Home

Patches

Comments

Oracle WebCenter 11.1.1.8.0 home

See Section 3.3.18.6, "Oracle WebCenter 11.1.1.8"

 

Oracle WebCenter 11.1.1.7.0 home

See Section 3.3.18.7, "Oracle Fusion Middleware 11.1.1.7"

 

3.3.39 Oracle WebCenter Content (Formerly Oracle Universal Content Management)

Table 129 describes the Error Correction information for Oracle WebCenter Content (formerly Oracle Universal Content Management).

Table 129 Error Correction information for WebCenter Content

Patch Information

10.1.3.5.1

Comments

Final Patch

October 2015

 

Table 130 describes the available patches for Oracle WebCenter Content (formerly Oracle Universal Content Management).

Table 130 Patch Availability for Oracle WebCenter Content

Component

Patch

Advisory Number

Comments

Oracle WebCenter Content 11.1.1.8 home

See Section 3.3.18.6, "Oracle WebCenter 11.1.1.8"

See Section 3.3.18.6, "Oracle WebCenter 11.1.1.8"

 

Oracle WebCenter Content 11.1.1.7 home

See Section 3.3.18.7, "Oracle Fusion Middleware 11.1.1.7"

See Section 3.3.18.7, "Oracle Fusion Middleware 11.1.1.7"

 

Oracle WebCenter Content 10.1.3.5.1 home

SPU Patch 17289573

Released October 2013

 

Oracle WebCenter Content 10.1.3.5.1 home

SPU Patch 16920680

Released July 2013

 

Oracle WebCenter Content 10.1.3.5.1 home

SPU Patch 16313031

Released April 2013

 

3.3.40 Oracle WebCenter Forms Recognition

Table 131 describes the Error Correction information for Oracle WebCenter Forms Recognition.

Table 131 Error Correction information for Oracle WebCenter Forms Recognition

Patch Information

10.1.3.5

Comments

Final Patch

-

 

Table 132 describes the available patches for Oracle WebCenter Forms Recognition. See also the underlying product stack tables for any applicable patches. Refer to comments section and apply the patch to the respective product home.

Table 132 Patch Availability for Oracle WebCenter Forms Recognition

Oracle WebCenter Forms Recognition

Patch

Advisory Number

Comments

10.1.3.5

CPU Patch 13882540

Released April 2012

 

3.3.41 Oracle WebCenter Interaction

Table 133 describes the Error Correction information for Oracle WebCenter Interaction.

Table 133 Error Correction information for Oracle WebCenter Interaction

Patch Information

10.3.3.0

6.5.1

Comments

Final Patch

January 2017

January 2016

 

Table 134 describes the available patches for Oracle WebCenter Interaction. See also the underlying product stack tables for any applicable patches. Refer to comments section and apply the patch to the respective product home.

Table 134 Patch Availability for Oracle WebCenter Interaction

Oracle WebCenter Interaction

Patch

Advisory Number

Comments

10.3.3.0.0

CPU Patch 16398622

Released April 2013

 

6.5.1

CPU Patch 16417563

Released April 2013

 

6.5.1

CPU Patch 13718635

Released April 2012

WebLogic Server 9.2.0.0 one-off patch that needs to be applied to WebLogic Server home

3.3.42 Oracle WebCenter Portal

Table 135 describes the Error Correction information for Oracle WebCenter Portal.

Table 135 Error Correction information for Oracle WebCenter Portal

Patch Information

11.1.1.8

11.1.1.7

Comments

Final Patch

-

-

 

Table 136 describes the available patches for Oracle WebCenter Portal.

Table 136 Patch Availability for Oracle WebCenter Portal

Product Home

Patches

Comments

Oracle WebCenter 11.1.1.8.0 home

See Section 3.3.18.6, "Oracle WebCenter 11.1.1.8"

 

Oracle WebCenter 11.1.1.7.0 home

See Section 3.3.18.7, "Oracle Fusion Middleware 11.1.1.7"

 

3.3.43 Oracle WebCenter Sites (Formerly FatWire Content Server)

Table 137 describes the Error Correction information for Oracle WebCenter Sites (formerly FatWire Content Server).

Table 137 Error Correction information for Oracle WebCenter Sites (formerly FatWire Content Server)

Patch Information

11.1.1.8

11.1.1.6.1

Comments

Final Patch

-

April 2016

 

Table 138 describes the available patches for Oracle WebCenter Sites. See also the underlying product stack tables.

Table 138 Patch Availability for Oracle WebCenter Sites

Product Home

Patch

Advisory Number

Comments

11.1.1.8

SPU Patch 18016084

Released January 2014

 

11.1.1.6.1

SPU Patch 17904775

Released January 2014

 

3.3.44 Oracle WebCenter Suite

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle WebCenter Suite installation. Only the relevant homes from those tables need to be patched.

Table 139 describes the available patches for Oracle WebCenter Suite.

Table 139 Patch Availability for Oracle WebCenter Suite

Product Home

Patches

Comments

Oracle WebCenter Suite 11.1.1.8.0 home

See Section 3.3.18.6, "Oracle WebCenter 11.1.1.8"

 

Oracle WebCenter Suite 11.1.1.7.0 home

See Section 3.3.18.7, "Oracle Fusion Middleware 11.1.1.7"

 

Oracle WebCenter Suite 10g home

See Section 3.3.18.9, "Oracle Fusion Middleware 10.1.3.5.x"

 

3.3.45 Oracle WebGate

Table 140 describes the Error Correction information for Oracle WebGate.

Table 140 Error Correction information for Oracle WebGate

Patch Information

10.1.4.3.0

Comments

Final Patch

October 2014

 

On-Request platforms

Platform and Server combinations that are historically inactive for patching are available on-request. If the patch is not available for a particular platform, see Section 1.3, "On-Request Patches"

 

Table 141 describes the available patches for Oracle WebGate. See also the underlying product stack tables for any applicable patches. Refer to comments section and apply the patch to the respective product home.

Table 141 Patch Availability for Oracle WebGate

Oracle WebGate

Patch

Advisory Number

Comments

11.1.2.2 home

See Section 3.3.18.10, "Oracle Identity Access Management 11.1.2.2"

See Section 3.3.18.10, "Oracle Identity Access Management 11.1.2.2"

 

11.1.2.1 home

See Section 3.3.18.11, "Oracle Identity Access Management 11.1.2.1"

See Section 3.3.18.11, "Oracle Identity Access Management 11.1.2.1"

 

11.1.1.7 home

See Section 3.3.18.7, "Oracle Fusion Middleware 11.1.1.7"

See Section 3.3.18.7, "Oracle Fusion Middleware 11.1.1.7"

 

11.1.1.5 home

See Section 3.3.18.8, "Oracle Fusion Middleware 11.1.1.5"

See Section 3.3.18.8, "Oracle Fusion Middleware 11.1.1.5"

 

10.1.4.3.0 home

OAM 10.1.4.3 BP 13 Patch 13718105 or later

Released April 2013

 

3.3.46 Oracle WebLogic Integration

Table 142 describes the Error Correction information for Oracle WebLogic Integration.

Table 142 Error Correction information for Oracle WebLogic Integration

Patch Information

10.3.1.0

Comments

Final Patch

January 2017

 

Table 143 describes the availability for Critical Patch Updates for Oracle WebLogic Integration. See also the underlying product stack tables.

Table 143 Critical Patch Update Availability for Oracle WebLogic Integration

Product Home

Patch

Advisory Number

Comments

10.3.1.0

OR

OR

SPU Patch 18526551

SPU Patch 12875001

OR

OR

SPU Patch 14825824

OR

OR

Released July 2014

Released July 2014

Released April 2014

Released October 2011

Released July 2014

Released July 2014

Released January 2013

Released July 2014

Released July 2014

WLS 10.3.0.0 JVM Patch

WLS 10.3.0.0 Deployment Patch

WLS 10.3.0.0 CSS Patch

WLS 10.3.0.0 JMS Patch

WLS 10.3.0.0 WebServices Patch

WLS 10.3.0.0 Security Patch

WLS 10.3.0.0 WebApp Patch

WLS 10.3.0.0 Core Patch

WLS 10.3.0.0 Console Patch

3.3.47 Oracle WebLogic Portal

Table 144 describes the Error Correction information for Oracle WebLogic Portal.

Table 144 Error Correction information for Oracle WebLogic Portal

Patch Information

10.3.6.0

10.2.1.0

10.0.1.0

Comments

Final Patch

-

January 2015

January 2015

 

Table 145 describes the available patches for WebLogic Portal. See also the underlying product stack tables (JRockit and WLS) for any applicable patches.

WebLogic Portal patches are cumulative to include all the prior published advisories. For more information, see My Oracle Support Note 1355929.1, October 2011 Updates Introduce New WebLogic Portal (WLP) Configuration Options for SSL Session ID and SSL Filters.

WebLogic Portal 9.2.3.0 is bundled with WebLogic Server 9.2.3.0, which is out of error correction. Contact Oracle support for security patches needed for WebLogic Server 9.2.3.0

Table 145 Critical Patch Update Availability for WebLogic Portal

Product Home

Patch

Advisory Number

Comments

10.2.1.0

CPU Patch 12388715

Released October 2011

WebLogic Portal Patch for WebLogic Portal 10.2.1.0 home

10.2.1.0

SPU Patch 18767778

SPU Patch 18767718

SPU Patch 18526551

SPU Patch 12875001

SPU Patch 18767741

SPU Patch 18767638

SPU Patch 14825824

SPU Patch 18767688

SPU Patch 18767762

Released July 2014

Released July 2014

Released April 2014

Released October 2011

Released July 2014

Released July 2014

Released January 2013

Released July 2014

Released July 2014

WLS 10.0.2.0 JVM Patch (SU IDs: LSTY)

WLS 10.0.2.0 Deployment Patch (SU IDs: 3DIF)

WLS 10.0.2.0 CSS Patch (SU IDs: P4WN)

WLS 10.0.2.0 JMS Patch (SU IDs: 1G6S)

WLS 10.0.2.0 WebServices Patch (SU IDs: 2VQ9, Z445, YQ8T, RLQ1, J8HT, DPU4)

WLS 10.0.2.0 Security Patch (SU IDs: 72C7, GYQZ, H9QB, W4G5)

WLS 10.0.2.0 WebApp Patch (SU IDs: 12RW)

WLS 10.0.2.0 Core Patch (SU IDs: R5JS, I4UY, 1ULW)

WLS 10.3.2.0 Console Patch (SU IDs: RHFA)

For CVE-2014-4256, see Note 1903763.1, Download Request for Security Configuration

10.0.1.0

CPU Patch 12388715

Released October 2011

WebLogic Portal Patch for WebLogic Portal 10.0.1.0 home

10.0.1.0

OR

OR

SPU Patch 18526551

SPU Patch 12875001

OR

OR

SPU Patch 14825824

OR

OR

CPU Patch 12818102

Released July 2014

Released July 2014

Released April 2014

Released October 2011

Released July 2014

Released July 2014

Released January 2013

Released July 2014

Released July 2014

Released October 2011

WLS 10.0.1.0 JVM Patch

WLS 10.0.1.0 Deployment Patch

WLS 10.0.1.0 CSS Patch

WLS 10.0.1.0 JMS Patch

WLS 10.0.1.0 WebServices Patch

WLS 10.0.1.0 Security Patch

WLS 10.0.1.0 WebApp Patch

WLS 10.0.1.0 Core Patch

WLS 10.0.1.0 Console Patch

WebLogic Server Patch for WebLogic Server 10.0.1.0 home

3.3.48 Oracle WebLogic Server

Table 146 describes the Error Correction information for Oracle WebLogic Server.

Table 146 Error Correction information for Oracle WebLogic Server Patch Set Update

Patch Information

12.1.3.0

12.1.2.0

12.1.1.0

10.3.6.0

Comments

Final Patch

-

-

-

October 2021

 

Table 147 describes the available patches for Oracle WebLogic Server. For more information, see MyOracleSupport Note 1470197.1, Master Note on WebLogic Server Patch Set Updates (PSUs).

Table 147 Patch Set Update Availability for Oracle WebLogic Server

Product Home

Patch

Advisory Number

Comments

Oracle Java SE home

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle JRockit 28.x home

See Section 3.3.31, "Oracle JRockit"

See Section 3.3.31, "Oracle JRockit"

 

Oracle WebLogic Server Plug-ins

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

See Note 1111903.1, WebLogic Server 10gR3 (10.3.0) and 11gR1 (10.3.x) - Web Server Plug-In Support

WebLogic Server 12.1.3.0.0 home

PSU 12.1.3.0.1 Patch 19182811

CVE-2014-0114, CVE-2014-6534, CVE-2014-6499

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

For CVE-2014-6499, See Note 1930466.1, Deprecation of Link Level Encryption (LLE) in Tuxedo and WebLogic Server

WebLogic Server 12.1.2.0.0 home

PSU 12.1.2.0.3 Patch 19182822

CVE-2014-0114, CVE-2014-6534, CVE-2014-6499

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

For CVE-2014-4256, see Note 1903763.1, Download Request for Security Configuration

For CVE-2014-6499, See Note 1930466.1, Deprecation of Link Level Encryption (LLE) in Tuxedo and WebLogic Server

WebLogic Server 12.1.1.0.0 home

PSU 12.1.1.0.9 Patch 19182818

CVE-2014-0114, CVE-2014-6534, CVE-2014-6499

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

For CVE-2014-4256, see Note 1903763.1, Download Request for Security Configuration

For CVE-2014-6499, See Note 1930466.1, Deprecation of Link Level Encryption (LLE) in Tuxedo and WebLogic Server

WebLogic Server 10.3.6.0.0 home

PSU 10.3.6.0.9 Patch 19182814

CVE-2014-0114, CVE-2014-6534, CVE-2014-6499

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

For CVE-2014-4256, see Note 1903763.1, Download Request for Security Configuration

For CVE-2014-6499, See Note 1930466.1, Deprecation of Link Level Encryption (LLE) in Tuxedo and WebLogic Server

3.3.49 Oracle WebLogic Server and WebLogic Express

Table 148 describes the Error Correction information for Oracle WebLogic Server and WebLogic Express.

Table 148 Error Correction information for Oracle WebLogic Server and WebLogic Express

Patch Information

10.0.2.0

Comments

Final Patch

January 2015

 

Table 149 describes the available patches for WebLogic Server and WebLogic Express. See also the underlying product stack tables (JRockit) for any applicable patches.

For WebLogic Server releases 10.3.2 and later that are part of the Oracle Fusion Middleware 11g R1 releases, see Section 3.3.18, "Oracle Fusion Middleware."

Table 149 Critical Patch Update Availability for Oracle WebLogic Server and WebLogic Express

Product Home

Patch

Advisory Number

Smart Update Patch Set ID

Smart Update Patch IDs

Comments

Oracle Java SE home

See Note 1931846.1, Oracle Java SE Critical Patch Update

See Note 1931846.1, Oracle Java SE Critical Patch Update

 

 

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle JRockit 28.x home

See Section 3.3.31, "Oracle JRockit"

See Section 3.3.31, "Oracle JRockit"

 

 

 

Oracle WebLogic Server Plug-ins

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

See Section 3.3.50, "Oracle WebLogic Server Plug-ins"

 

 

See Note 1111903.1, WebLogic Server 10gR3 (10.3.0) and 11gR1 (10.3.x) - Web Server Plug-In Support

10.0.2.0

See My Oracle Support Note 1930466.1

CVE-2014-6499

NA

NA

For CVE-2014-6499, See Note 1930466.1, Deprecation of Link Level Encryption (LLE) in Tuxedo and WebLogic Server

10.0.2.0

SPU Patch 18767778

SPU Patch 18767718

SPU Patch 18526551

SPU Patch 12875001

SPU Patch 18767741

SPU Patch 18767638

SPU Patch 14825824

SPU Patch 18767688

SPU Patch 18767762

Released July 2014

Released July 2014

Released April 2014

Released October 2011

Released July 2014

Released July 2014

Released January 2013

Released July 2014

CVE-2014-0114, CVE-2014-6534

NA

NA

NA

NA

A9I9

G1X9

12RW

IJNF

NA

LSTY

3DIF

P4WN

1G6S

2VQ9, Z445, YQ8T, RLQ1, J8HT, DPU4

72C7, GYQZ, H9QB, W4G5

6CRM, 1J9G, FVXN, 12RW

R5JS, I4UY, 1ULW

K3WH

JVM patch

Deployment patch

CSS Patch

JMS Patch

WebServices Patch

Security Patch

WebApp Patch

Core Patch

Console Patch

3.3.50 Oracle WebLogic Server Plug-ins

Table 150 the available patches for Oracle WebLogic Server Plug-ins (Oracle HTTP Server/Apache/IIS/iPlanet).

The WebLogic plug-ins include all cumulative bug fixes and thus include fixes for all previously released advisories. For more information, see My Oracle Support Note 1111903.1.

Table 150 Critical Patch Update Availability for Oracle WebLogic Server Plug-ins

Product Home

Patch

Advisory Number

Comments

WLS Plugin 12c (12.1.2.0.0)

SPU Patch 18423842

SPU Patch 18603723

SPU Patch 18603725

SPU Patch 18603728

Released July 2014

WLS Plug-in for Oracle HTTP Server (mod_wl_ohs)

WLS Plug-in for Apache (mod_wl)

WLS Plug-in for NSAPI (iPlanet)

WLS Plug-in for ISAPI (Microsoft IIS)

WLS Plugin 1.1 (11.1.1.7)

SPU Patch 18423831

SPU Patch 18603703

SPU Patch 18603707

SPU Patch 18603714

Released July 2014

WLS Plug-in for Oracle HTTP Server (mod_wl_ohs)

WLS Plug-in for Apache (mod_wl)

WLS Plug-in for NSAPI (iPlanet)

WLS Plug-in for ISAPI (Microsoft IIS)

WLS Plugin 1.0 (10.3.4 and older)

CPU Patch 11845433

Released April 2011

See Note 1111903.1, WebLogic Server Web Server Plug-In Support

3.4 Oracle Sun Middleware

This section contains the following:

·         Section 3.4.1, "Directory Server Enterprise Edition"

·         Section 3.4.2, "iPlanet Web Server"

·         Section 3.4.3, "iPlanet Web Proxy Server"

·         Section 3.4.4, "Oracle GlassFish Communications Server"

·         Section 3.4.5, "Oracle GlassFish Server"

·         Section 3.4.6, "Oracle Open SSO Agents"

·         Section 3.4.7, "Oracle Open SSO Server"

·         Section 3.4.8, "Sun Role Manager"

3.4.1 Directory Server Enterprise Edition

Table 151 describes the Error Correction information for Directory Server Enterprise Edition.

Table 151 Error Correction information for Directory Server Enterprise Edition

Patch Information

11.1.1.5.0

7.0

Comments

Final Patch

January 2014

October 2017

 

Table 152 describes the minimum revisions of Directory Server Enterprise Edition server patches that are required to resolve the vulnerabilities for CPUOct2014.

Table 152 Patch Availability for Directory Server Enterprise Edition

Product Home

Patch

Advisory Number

Comments

Directory Server Enterprise Edition 11.1.1.5.0

Patch 16815503 and Patch 16815515

Released July 2013

 

Directory Server Enterprise Edition 7.0

Patch 16819004

Released July 2013

 

3.4.2 iPlanet Web Server

Table 153 describes the Error Correction information for iPlanet Web Server.

Table 153 Error Correction information for iPlanet Web Server

Patch Information

7.0

6.1

Comments

Final Patch

-

 

 

Table 154 describes the minimum revisions of iPlanet Web Server patches that are required to resolve the vulnerabilities for CPUOct2014.

Table 154 Patch Availability for iPlanet Web Server

Product Home

Patch

Advisory Number

Comments

iPlanet Web Server 7.0 home

AIX: Patch 18919818

HPUX: Patch 18919818

Linux (64-Bit): Patch 18919818

Linux: Patch 18919818

Windows: Patch 18919818

Solaris SPARC: Patch 18919818

Solaris-x86: Patch 18919818

Released July 2014

 

iPlanet Web Server 6.1 home

Solaris SPARC (32-bit): Patch 18799279

Solaris SPARC (64-bit): Patch 18799279

Solaris x86 (32-bit): Patch 18799279

Linux x86: Patch 18799279

Windows (32-bit): Patch 18799279

AIX (32-bit): Patch 18799279

HPUX (32-bit): Patch 18799279

Released July 2014

 

3.4.3 iPlanet Web Proxy Server

Table 155 describes the Error Correction information for iPlanet Web Proxy Server.

Table 155 Error Correction information for iPlanet Web Proxy Server

Patch Information

4.0

Comments

Final Patch

 

 

Table 156 describes the minimum revisions of iPlanet Web Proxy Server patches that are required to resolve the vulnerabilities for CPUOct2014.

Table 156 Patch Availability for iPlanet Web Proxy Server

Product Home

Patch

Advisory Number

Comments

iPlanet Web Proxy Server 4.0 home

Solaris SPARC: Patch 18875560

Linux: Patch 18875560

Solaris-X86: Patch 18875560

Windows: Patch 18875560

HP-UX: Patch 18875560

Linux 2.6: Patch 18875560

Released July 2014

Microsoft Windows patches: Available July 29, 2014

3.4.4 Oracle GlassFish Communications Server

Table 157 describes the Error Correction information for Oracle GlassFish Communications Server.

Table 157 Error Correction information for Oracle GlassFish Communications Server

Patch Information

2.0

Comments

Final Patch

October 2017

 

Table 158 describes the minimum revisions of Oracle GlassFish Communications Server patches that are required to resolve the vulnerabilities for CPUOct2014.

Table 158 Patch Availability for Oracle GlassFish Communications Server

Product Home

Patch

Advisory Number

Comments

Oracle GlassFish Communications Server 2.0

Linux x86: 143477-19

Linux x86-64: 143478-19

Solaris x86 and x86-64: 143476-07

Solaris SPARC 32 and 64 bit: 143475-16

Released July 2014

 

3.4.5 Oracle GlassFish Server

Table 159 describes the Error Correction information for Oracle GlassFish Server.

Table 159 Error Correction information for Oracle GlassFish Server

Patch Information

3.1.2

3.0.1

2.1.1

Comments

Final Patch

January 2019

October 2017

January 2017

 

Table 160 describes the minimum revisions of GlassFish server patches that are required to resolve the vulnerabilities for CPUOct2014.

Table 160 Patch Availability for Oracle GlassFish Server

Product Home

Patch

Advisory Number

Comments

Oracle GlassFish Server 3.1.2

IBM AIX: Patch 18904969

Linux: Patch 18904969

MacOS X: Patch 18904969

Microsoft Windows: Patch 18904969

SPARC: Patch 18904969

SPARC: x86: Patch 18904969

UNIX: Patch 18904969

Released July 2014

 

Oracle GlassFish Server 3.0.1

Linux: Patch 18768970

MacOS X: Patch 18768970

Microsoft Windows: Patch 18768970

SPARC: Patch 18768970

SPARC x86: Patch 18768970

Released July 2014

 

Oracle GlassFish Server 2.1.1

Linux: Patch 18741369 (EE), Patch 18741545 (PE)

AIX: Patch 18741369 (EE)

Microsoft Windows: Patch 18741369 (EE), Patch 18741545 (PE)

SPARC: Patch 18741369 (EE), Patch 18741545 (PE)

SPARC x86: Patch 18741369 (EE), Patch 18741545 (PE)

Released July 2014

 

3.4.6 Oracle Open SSO Agents

Table 161 describes the Error Correction information for Oracle Open SSO Agents.

Table 161 Error Correction information for Oracle Open SSO Agents

Patch Information

3.0-05

Comments

Final Patch

October 2017

 

Table 162 describes the available patches for Oracle Open SSO Agents.

Table 162 Patch Availability for Oracle Open SSO Agents

Product Home

Patch

Advisory Number

Comments

Oracle Open SSO Agent home 3.0-05

SPU Patch 19003675

CVE-2013-1741

Apache HTTP Server 2.2.X Patch

Oracle Open SSO Agent home 3.0-05

SPU Patch 19003764

CVE-2013-1741

IBM Lotus Domino Server 8.5 Patch

Oracle Open SSO Agent home 3.0-05

SPU Patch 19003807

CVE-2013-1741

IIS 6 Patch

Oracle Open SSO Agent home 3.0-05

SPU Patch 19003838

CVE-2013-1741

IIS 7 Patch

Oracle Open SSO Agent home 3.0-05

SPU Patch 19003922

CVE-2013-1741

Sun Java System Web Server Patch

3.4.7 Oracle Open SSO Server

Table 163 describes the Error Correction information for Oracle Open SSO Server.

Table 163 Error Correction information for Oracle Open SSO Server

Patch Information

8.0.2.0

Comments

Final Patch

-

 

Table 164 describes the available patches for Oracle Open SSO Server.

Table 164 Patch Availability for Oracle Open SSO Server

Product Home

Patch

Advisory Number

Comments

Oracle Open SSO Server home 8.0.2

Overlay SPU Patch 18435359 and 8.0.2.5 (OpenSSO U2 Patch 5) Patch-ID: 141655-09

Released April 2014

Overlay SPU patch on Open SSO 8.0.2.5 (OpenSSO U2 Patch 5)

3.4.8 Sun Role Manager

Table 165 describes the Error Correction information for Sun Role Manager.

Table 165 Error Correction information for Sun Role Manager

Patch Information

5.0.3.2

Comments

Final Patch

October 2017

 

On-Request platforms

 

 

Table 166 describes the available patches for Sun role Manager. See also the underlying product stack tables for any applicable patches. Refer to comments section and apply the patch to the respective product home.

Table 166 Patch Availability for Sun Role Manager

Oracle Sun Role Manager

Patch

Advisory Number

Comments

Sun Role Manager 5.0.3.3 home

BP 3 Patch 18175969 or higher

Released April 2014

 

3.5 Tools

This section contains the following:

·         Section 3.5.1, "Oracle OPatch"

3.5.1 Oracle OPatch

Table 167 describes the minimum product requirements for Oracle OPatch. The CPU security vulnerabilities are fixed in the listed release and later releases. The Oracle OPatch downloads can be found at Patch 6880880.

Table 167 Minimum Product Requirements for Oracle OPatch

Component

Release

Advisory Number

Comments

Oracle OPatch

1.0.0.0.64

Announced July 2011

 

4 Final Patch History

Table 168 describes the final patch history.

The final patch is the last CPU/PSU release for which the product release is under error correction. For more information, see My Oracle Support Note 209768.1, Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy.

Table 168 Final Patch History

Release

Final Patches

Comments

 

July 2014

Oracle Business Process Management 6.0.5

Oracle Complex Event Processing and Weblogic Event Server 2.0

Oracle WebCenter Portal 11.1.1.7

Oracle WebLogic Portal 10.3.5.0

 

April 2014

Oracle Application Performance Management 6.5.5

Oracle Business Intelligence EE and Publisher 11.1.1.6.0

Oracle Data Integrator 11.1.1.6.0

Oracle Database Management Plug-in 12.1.0.3

Oracle Enterprise Manager Cloud Control 12.1.0.2

Oracle Identity Access Management 11.1.2.0

Oracle JDeveloper 11.1.2.3.0

Oracle Outside In Technology 8.4.0

Oracle Universal Content Management 11.1.1.6

 

January 2014

Oracle Complex Event Processing 11.1.1.6.0

Oracle Data Integrator 11.1.1.6.0

Oracle Database Management Plug-in 12.1.0.2

Oracle Directory Server Enterprise Edition 11.1.1.5.0

Oracle Fusion Middleware 11.1.1.6.0

 

October 2013

Oracle Access Manager 10.1.4.0

Oracle Database 11.2.0.2

Oracle Directory Server Enterprise Edition 6.3.1

Oracle Identity Manager 9.1.0.2

Oracle Real user Experience Insight 6.0.x

Oracle WebCenter Sites 11.1.1.6.0

Sun Java System Directory Server Enterprise Edition 6.3.1

Sun Role Manager 4.x

WebLogic Communications Server 3.x

WebLogic Integration 9.2.3.0

WebLogic Portal 9.2.3.0

WebLogic Server 9.2.4.0

WebLogic SIP Server 3.x

WebLogic Workshop 9.2.3.0

 

July 2013

Oracle Application Performance Management 12.1.0.2

Oracle AquaLogic Enterprise Repository 2.5

Oracle Collaboration Suite 10.1.x

Oracle Database 10.2.0.5

Oracle Database 10.2.0.4

Oracle Enterprise Manager Cloud Control 12.1.0.1

Oracle Enterprise Repository 2.6

Oracle GoldenGate 10.4.1.0

Oracle GoldenGate Veridata 3.x

Oracle Hyperion BI+ 11.1.1.x

Oracle JDeveloper 11.1.2.2.0

Oracle Management Pack for Oracle GoldenGate 2.x

Oracle Outside In Technology 8.3.7

Oracle WebLogic Server 10.3.5.0

Oracle WebLogic Portal 10.3.0

Oracle Workflow Server 2.6.4 with Database 10gR2

 

April 2013

Oracle Audit Vault 10.2.3.2

Oracle WebLogic SIP Server 2.2.0.0

Oracle WebLogic SIP Server 2.1.0.0

Oracle WebLogic SIP Server 2.0.2.0

WebLogic Communications Platform/WebLogic SIP Server 2.x

WebLogic Network Gatekeeper 2.x

 

January 2013

Oracle Business Intelligence Enterprise Edition 11.1.1.5.0

Oracle Business Intelligence Publisher 11.1.1.5.0

Oracle Complex Event Processing and WebLogic Event Server 11.1.1.4.0

Oracle Database 10.2.0.4 for HP Open VMS-Alpha, and VMS-Itanium

Oracle Database 10.2.0.3 for IBM z/OS on System z

Oracle Event Processing 11.1.1.4.0

Oracle FatWire Content Server (including Satellite Server) 7.5

Oracle FatWire Content Server (including Satellite Server) 7.0.3

Oracle FatWire Content Server (including Satellite Server) 7.0.2

Oracle FatWire Content Server (including Satellite Server) 7.0.1

Oracle FatWire Content Server (including Satellite Server) 7.0

Oracle FatWire Content Server (including Satellite Server) 6.3.x

Oracle FatWire Content Server (including Satellite Server) 6.2

Oracle FatWire Content Server (including Satellite Server) 6.1

Oracle Fusion Middleware 11.1.1.5.0

Oracle Fusion Middleware 11.1.1.4.0 for Portal, Forms, Reports and Discoverer

Oracle Map Viewer 11.1.1.5.0

 

October 2012

Oracle AquaLogic Interaction Logging Utilities 6.0

Oracle AquaLogic Interaction Logging Utilities 1.0

Oracle COREid 10.1.4.3

Oracle SSO/DAS 10.1.4.3

Oracle Secure Backup 10.3.0.3

 

July 2012

AquaLogic Data Services Platform 2.5.2.0

Oracle Business Intelligence Enterprise Edition 11.1.1.3

Oracle Business Intelligence Enterprise Edition 10.1.3.4.1

Oracle Business Publisher 11.1.1.3

Oracle Business Publisher 10.1.3.4.1

Oracle Outside In Technology 8.3.5

Oracle Service Bus 2.6.1.0

 

5 Sources of Additional Information

The following documents provide additional information about Critical Patch Updates:

·         My Oracle Support Note 1933274.1, Oracle Database PSU 12.1.0.2.1 Oracle JavaVM Component Known Issues

·         My Oracle Support Note 1933273.1, Oracle Database PSU 12.1.0.1.1 Oracle JavaVM Component Known Issues

·         My Oracle Support Note 1933272.1, Oracle Database PSU 11.2.0.4.1 Oracle JavaVM Component Known Issues

·         My Oracle Support Note 1933271.1, Oracle Database PSU 11.2.0.3.1 Oracle JavaVM Component Known Issues

·         My Oracle Support Note 1933270.1, Oracle Database PSU 11.1.0.7.1 Oracle JavaVM Component Known Issues

·         My Oracle Support Note 1930503.1, Oracle Quarterly Database Patch 12.1.0.2.1 Known Issues

·         My Oracle Support Note 1911779.1, Oracle Grid Infrastructure Patch Set Update 12.1.0.1.5 Known Issues

·         My Oracle Support Note 1911778.1, Oracle Grid Infrastructure Patch Set Update 11.2.0.4.4 Known Issues

·         My Oracle Support Note 1911777.1, Oracle Grid Infrastructure Patch Set Update 11.2.0.3.12 Known Issues

·         My Oracle Support Note 1911780.1, Critical Patch Update October 2014 Database Patch Security Vulnerability Molecule Mapping

·         My Oracle Support Note 1911781.1, Critical Patch Update October 2014 Database Known Issues.

·         My Oracle Support Note 1912243.1, Critical Patch Update October 2014 Oracle Fusion Middleware Known Issues.

·         My Oracle Support Note 1912240.1, Critical Patch Update October 2014 Oracle Enterprise Manager Grid Control Known Issues

·         My Oracle Support Note 1591483.1, What is Installed in My Middleware or Oracle home?

·         My Oracle Support Note 1571367.1, Patch Set Update for Exalogic Known Issues

·         My Oracle Support Note 1365205.1, Getting Started with Oracle WebLogic Server: How to Make Sure that Recommended Patches are Applied

·         My Oracle Support Note 1314535.1, Announcing Exalogic PSUs (Patch Set Updates)

·         My Oracle Support Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

·         My Oracle Support Note 1227443.1, Patch Set Updates Known Issues Notes

·         My Oracle Support Note 854428.1, Patch Set Updates (PSUs) for Oracle Products.

·         My Oracle Support Note 605795.1, Introduction to catbundle.sql.

·         My Oracle Support Note 605398.1, How To Find The Version Of The Main EM Components.

·         My Oracle Support Note 438314.1, Critical Patch Update - Introduction to Database n-Apply CPU Patches.

·         My Oracle Support Note 209768.1, Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy.

·         My Oracle Support Note 161549.1, Oracle Database Server and Networking Patches for Microsoft Platforms.

6 Modification History

Table 169 describes the modification history for this document.

Table 169 Modification History

Date

Modification

27 May 2015

·         Updated Table 14

5 January 2015

·         Updated Table 93

·         Updated Table 89

·         Updated Table 87

·         Updated Table 85

·         Updated Table 77

·         Updated Table 75

24 November 2014

·         Updated Section 2.8

11 November 2014

·         Updated Section 2.8

5 November 2014

·         Updated Section 2.8

31 October 2014

·         Updated Section 2.8

30 October 2014

·         Updated Section 2.2

29 October 2014

·         Updated Section 2.2

·         Updated Section 3.1.4 with OJVM patches

22 October 2014

·         Updated Section 2.8

·         Updated Table 75 through Table 149 with new Note 1931846.1, Oracle Java SE Critical Patch Update

20 October 2014

·         Updated Section 2.8

·         Updated Section 2.6

·         Updated Table 85

·         Updated Table 37

·         Updated Table 16

17 October 2014

·         Section 2.8

·         Updated Table 14

·         Updated Table 12

·         Updated Table 8

14 October 2014

·         Released

7 Documentation Accessibility

For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.

Access to Oracle Support

Oracle customers have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired.


Patch Set Update and Critical Patch Update October 2014 Availability Document

Copyright © 2014, Oracle and/or its affiliates. All rights reserved.

This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.

The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.

If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable:

U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007). Oracle America, Inc., 500 Oracle Parkway, Redwood City, CA 94065.

This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.

This software or hardware and documentation may provide access to or information on content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services.

Didn't find what you are looking for? Ask in Community...

 

Related

 

 

 

Errors

 

TS-86861

Back to Top

 

Copyright (c) 2019, Oracle. All rights reserved.

 

Legal Notices and Terms of Use

 

Privacy Statement